Vulnerabilities > Microsoft > Windows > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-22 | CVE-2017-15772 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.43 XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be used as a return value starting at CADImage+0x0000000000285e9d." | 6.8 |
| 2017-10-22 | CVE-2017-15803 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.43 XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ntdll_77310000!LdrpResCompareResourceNames+0x0000000000000150." | 6.8 |
| 2017-10-22 | CVE-2017-15802 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.43 XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77310000!LdrpResCompareResourceNames+0x0000000000000087." | 6.8 |
| 2017-10-22 | CVE-2017-15801 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.43 XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77310000!LdrpResSearchResourceInsideDirectory+0x000000000000029e." | 6.8 |
| 2017-10-16 | CVE-2017-0316 | Improper Input Validation vulnerability in Nvidia Geforce Experience In GeForce Experience (GFE) 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges. | 4.6 |
| 2017-10-03 | CVE-2017-8018 | Improper Input Validation vulnerability in EMC Appsync 2.0/3.0.0/3.5 EMC AppSync host plug-in versions 3.5 and below (Windows platform only) includes a denial of service (DoS) vulnerability that could potentially be exploited by malicious users to compromise the affected system. | 5.0 |
| 2017-09-30 | CVE-2017-14947 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Gsview 6.0 Artifex GSView 6.0 Beta on Windows allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "Read Access Violation on Block Data Move starting at mupdfnet64!mIncrementalSaveFile+0x0000000000193359." | 6.8 |
| 2017-09-30 | CVE-2017-14946 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Gsview 6.0 Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at mupdfnet64!mIncrementalSaveFile+0x000000000000344e." | 6.8 |
| 2017-09-30 | CVE-2017-14945 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Gsview 6.0 Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Possible Stack Corruption starting at KERNELBASE!RaiseException+0x0000000000000068." | 6.8 |
| 2017-09-22 | CVE-2017-6271 | Divide By Zero vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiCreateAllocation where untrusted user input is used as a divisor without validation while processing block linear information which may lead to a potential divide by zero and denial of service. | 4.9 |