Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-11-13 | CVE-2017-13785 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products. An issue was discovered in certain Apple products. | 8.8 |
2017-11-13 | CVE-2017-13784 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products. An issue was discovered in certain Apple products. | 8.8 |
2017-11-13 | CVE-2017-13783 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products. An issue was discovered in certain Apple products. | 8.8 |
2017-11-12 | CVE-2017-16797 | Integer Overflow or Wraparound vulnerability in Swftools 0.9.2. In SWFTools 0.9.2, the png_load function in lib/png.c does not properly validate an alloclen_64 multiplication of width and height values, which allows remote attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and application crash) or possibly have unspecified other impact via a crafted PNG file. | 7.8 |
2017-11-12 | CVE-2017-16796 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Swftools 0.9.2. In SWFTools 0.9.2, the png_load function in lib/png.c does not check the return value of a realloc call, which allows remote attackers to cause a denial of service (invalid write and application crash) or possibly have unspecified other impact via vectors involving an IDAT tag in a crafted PNG file. | 7.8 |
2017-11-12 | CVE-2017-16793 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Swftools 0.9.2. The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service (incorrect malloc and heap-based buffer overflow) or possibly have unspecified other impact via a crafted file. | 7.8 |
2017-11-11 | CVE-2017-16520 | Improper Privilege Management vulnerability in Inedo Buildmaster. Inedo BuildMaster before 5.8.2 does not properly restrict creation of RequireManageAllPrivileges event listeners. | 7.5 |
2017-11-10 | CVE-2017-16762 | Path Traversal vulnerability in Sanic Project Sanic. Sanic before 0.5.1 allows reading arbitrary files with directory traversal, as demonstrated by the /static/..%2f substring. | 7.5 |
2017-11-10 | CVE-2017-9758 | Improper Certificate Validation vulnerability in Savitech-Ic Savitech Driver. Savitech driver packages for Windows silently install a self-signed certificate into the Trusted Root Certification Authorities store, aka "Inaudible Subversion." | 7.4 |
2017-11-10 | CVE-2017-16249 | Unspecified vulnerability in Brother Dcp-J132W Firmware 1.20. The Debut embedded http server contains a remotely exploitable denial of service where a single malformed HTTP POST request can cause the server to hang until eventually replying (~300 seconds) with an HTTP 500 error. | 7.5 |