Export limit exceeded: 10628 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (10628 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-0466 1 Google 1 Android 2025-04-20 N/A
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33139050.
CVE-2017-0292 1 Microsoft 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more 2025-04-20 N/A
Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially crafted PDF file, aka "Windows PDF Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0291.
CVE-2017-0291 1 Microsoft 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more 2025-04-20 N/A
Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially crafted PDF file, aka "Windows PDF Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0292.
CVE-2017-0260 1 Microsoft 3 Office, Windows 7, Windows Server 2008 2025-04-20 N/A
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, and CVE-2017-8506.
CVE-2017-0240 1 Microsoft 1 Edge 2025-04-20 N/A
A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and CVE-2017-0227.
CVE-2017-0229 1 Microsoft 1 Edge 2025-04-20 N/A
A remote code execution vulnerability exists in Microsoft Edge in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.
CVE-2017-0671 1 Google 1 Android 2025-04-20 N/A
A remote code execution vulnerability in the Android libraries. Product: Android. Versions: 4.4.4. Android ID: A-34514762.
CVE-2016-8377 1 Fatek 2 Plc Winproladder, Plc Winproladder Firmware 2025-04-20 8.0 High
An issue was discovered in Fatek Automation PLC WinProladder Version 3.11 Build 14701. A stack-based buffer overflow vulnerability exists when the software application connects to a malicious server, resulting in a stack buffer overflow. This causes an exploitable Structured Exception Handler (SEH) overwrite condition that may allow remote code execution.
CVE-2017-0809 1 Google 1 Android 2025-04-20 N/A
A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62673128.
CVE-2017-0592 1 Google 1 Android 2025-04-20 N/A
A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34970788.
CVE-2017-4933 2 Apple, Vmware 4 Mac Os X, Esxi, Fusion and 1 more 2025-04-20 8.8 High
VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a heap overflow via a specific set of VNC packets resulting in heap corruption. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session. Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine's .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall.
CVE-2017-8303 1 Accellion 1 File Transfer Appliance 2025-04-20 9.8 Critical
An issue was discovered on Accellion FTA devices before FTA_9_12_180. seos/1000/find.api allows Remote Code Execution with shell metacharacters in the method parameter.
CVE-2016-10176 1 Netgear 2 Wnr2000v5, Wnr2000v5 Firmware 2025-04-20 N/A
The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the apply.cgi URL on the web server of the device. This special URL is handled by the embedded web server (uhttpd) and processed accordingly. The web server also contains another URL, apply_noauth.cgi, that allows an unauthenticated user to perform sensitive actions on the device. This functionality can be exploited to change the router settings (such as the answers to the password-recovery questions) and achieve remote code execution.
CVE-2017-7280 1 Unitrends 1 Enterprise Backup 2025-04-20 N/A
An issue was discovered in api/includes/systems.php in Unitrends Enterprise Backup before 9.0.0. User input is not properly filtered before being sent to a popen function. This allows for remote code execution by sending a specially crafted user variable.
CVE-2017-4941 2 Apple, Vmware 4 Mac Os X, Esxi, Fusion and 1 more 2025-04-20 8.8 High
VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a stack overflow via a specific set of VNC packets. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session. Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine's .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall.
CVE-2017-1000169 1 Quickerbb Project 1 Quickerbb 2025-04-20 N/A
QuickerBB version <= 0.7.2 is vulnerable to arbitrary file writes which can lead to remote code execution. This can lead to the complete takeover of the server hosting QuickerBB.
CVE-2017-3853 1 Cisco 1 Iox 2025-04-20 N/A
A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow remote code execution with root privileges in the virtual instance running on an affected device. The vulnerability is due to insufficient bounds checking in the DMo process. An attacker could exploit this vulnerability by sending crafted packets that are forwarded to the DMo process for evaluation. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco IOx. This vulnerability affects the following Cisco 800 Series Industrial Integrated Services Routers: Cisco IR809 and Cisco IR829. Cisco IOx Releases 1.0.0.0 and 1.1.0.0 are vulnerable. Cisco Bug IDs: CSCuy52330.
CVE-2017-0765 1 Google 1 Android 2025-04-20 N/A
A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62872863.
CVE-2017-0757 1 Google 1 Android 2025-04-20 N/A
A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36006815.
CVE-2017-0588 1 Google 1 Android 2025-04-20 N/A
A remote code execution vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34618607.