Vulnerabilities > Microsoft > Windows > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-05 | CVE-2017-10737 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40 XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000002e6." | 4.6 |
| 2017-07-05 | CVE-2017-10736 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40 XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at msvcrt!_VEC_memzero+0x000000000000006a." | 4.6 |
| 2017-06-27 | CVE-2017-1297 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM products IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. | 4.4 |
| 2017-06-04 | CVE-2017-9428 | Path Traversal vulnerability in Bigtreecms Bigtree CMS A directory traversal vulnerability exists in core\admin\ajax\developer\extensions\file-browser.php in BigTree CMS through 4.2.18 on Windows, allowing attackers to read arbitrary files via ..\ sequences in the directory parameter. | 5.0 |
| 2017-05-22 | CVE-2017-4916 | NULL Pointer Dereference vulnerability in VMWare Workstation Player and Workstation PRO VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. | 6.8 |
| 2017-05-22 | CVE-2017-6984 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products An issue was discovered in certain Apple products. | 6.8 |
| 2017-05-09 | CVE-2017-0355 | Improper Input Validation vulnerability in Nvidia GPU Driver All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgkDdiEscape where it may access paged memory while holding a spinlock, leading to a denial of service. | 4.9 |
| 2017-05-09 | CVE-2017-0354 | Improper Input Validation vulnerability in Nvidia GPU Driver All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgkDdiEscape where a call to certain function requiring lower IRQL can be made under raised IRQL which may lead to a denial of service. | 4.7 |
| 2017-05-09 | CVE-2017-0343 | Race Condition vulnerability in Nvidia GPU Driver All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) where user can trigger a race condition due to lack of synchronization in two functions leading to a denial of service or potential escalation of privileges. | 6.9 |
| 2017-04-12 | CVE-2017-3053 | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of the APP13 segment in JPEG files. | 4.3 |