Vulnerabilities > Microsoft > Windows
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-11 | CVE-2017-14273 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40 XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at ntdll_77400000!RtlInterlockedPopEntrySList+0x00000000000003b0." | 4.6 |
| 2017-09-11 | CVE-2017-14272 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40 XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at jbig2dec+0x000000000000595d." | 4.6 |
| 2017-09-11 | CVE-2017-14271 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40 XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at ntdll_77400000!RtlImpersonateSelfEx+0x000000000000024e." | 4.6 |
| 2017-09-11 | CVE-2017-14270 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40 XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at ntdll_77400000!RtlFillMemoryUlong+0x0000000000000010." | 4.6 |
| 2017-09-01 | CVE-2017-10851 | Untrusted Search Path vulnerability in Fujixerox Contentsbridge Utility Untrusted search path vulnerability in Installer for ContentsBridge Utility for Windows 7.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
| 2017-08-31 | CVE-2017-11158 | Untrusted Search Path vulnerability in Synology Cloud Station Drive Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory. | 4.6 |
| 2017-08-30 | CVE-2017-11157 | Untrusted Search Path vulnerability in Synology Cloud Station Backup Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Backup before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory. | 4.6 |
| 2017-08-23 | CVE-2017-11159 | Untrusted Search Path vulnerability in Synology Photo Station Uploader Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader before 1.4.2-084 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory. | 4.6 |
| 2017-08-18 | CVE-2017-12939 | Improper Input Validation vulnerability in Unity3D Unity Editor A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before 2017.1.0p4. | 7.5 |
| 2017-08-11 | CVE-2017-3124 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the picture exchange (PCX) file format parsing module. | 10.0 |