Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-18 | CVE-2017-14544 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375 STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at STDUEPubFile!DllUnregisterServer+0x000000000003fff1." | 7.8 |
| 2017-09-18 | CVE-2017-14543 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375 STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to "Data from Faulting Address controls Branch Selection starting at STDUEPubFile!DllUnregisterServer+0x0000000000039335." | 7.8 |
| 2017-09-18 | CVE-2017-14542 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375 STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .epub file, related to a "Read Access Violation on Block Data Move starting at STDUEPubFile!DllUnregisterServer+0x0000000000010262." | 7.8 |
| 2017-09-18 | CVE-2017-14541 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40 XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at CADImage+0x000000000001f23e." | 7.8 |
| 2017-09-18 | CVE-2017-14540 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Irfanview 4.44 IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x000000000001f23e." | 7.8 |
| 2017-09-18 | CVE-2017-14539 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Irfanview 4.44 IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at image00000000_00400000+0x000000000011d767." | 7.8 |
| 2017-09-18 | CVE-2017-14538 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40 XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting at jbig2dec+0x0000000000008823." | 7.8 |
| 2017-09-18 | CVE-2017-9798 | Use After Free vulnerability in multiple products Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. | 7.5 |
| 2017-09-18 | CVE-2014-6106 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Security Identity Manager Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager 5.1, 6.0, and 7.0 allows remote attackers to hijack the authentication of users for requests that can cause cross-site scripting attacks, web cache poisoning, or other unspecified impacts via unknown vectors. | 8.8 |
| 2017-09-18 | CVE-2017-9333 | Improper Input Validation vulnerability in Openwebif Project Openwebif 1.2.5 OpenWebif 1.2.5 allows remote code execution via a URL to the CallOPKG function in the IpkgController class in plugin/controllers/ipkg.py, when the URL refers to an attacker-controlled web site with a Trojan horse package. | 8.8 |