| 2017-03-17 | CVE-2017-6967 | Improper Authentication vulnerability in Neutrinolabs Xrdp 0.9.1
xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass. | 7.3 |
| 2017-03-17 | CVE-2017-6962 | Integer Overflow or Wraparound vulnerability in Apng2Gif Project Apng2Gif 1.7
An issue was discovered in apng2gif 1.7. | 7.5 |
| 2017-03-17 | CVE-2017-6960 | Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in apng2gif 1.7. | 7.5 |
| 2017-03-17 | CVE-2017-0151 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. | 7.5 |
| 2017-03-17 | CVE-2017-0150 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. | 7.5 |
| 2017-03-17 | CVE-2017-0149 | Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9
Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0018 and CVE-2017-0037. | 8.8 |
| 2017-03-17 | CVE-2017-0148 | The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146. | 8.1 |
| 2017-03-17 | CVE-2017-0147 | The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted packets, aka "Windows SMB Information Disclosure Vulnerability." | 7.5 |
| 2017-03-17 | CVE-2017-0146 | The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0148. | 8.8 |
| 2017-03-17 | CVE-2017-0145 | The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148. | 8.8 |