Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x86:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-11209 |
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability that occurs when reading a JPEG file embedded within XML Paper Specification (XPS) file. Successful exploitation could lead to arbitrary code execution. Published: August 11, 2017; 3:29:00 PM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2015-2291 |
(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call. Published: August 09, 2017; 2:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2017-11742 |
The writeRandomBytes_RtlGenRandom function in xmlparse.c in libexpat in Expat 2.2.1 and 2.2.2 on Windows allows local users to gain privileges via a Trojan horse ADVAPI32.DLL in the current working directory because of an untrusted search path, aka DLL hijacking. Published: July 30, 2017; 10:29:00 AM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2017-6260 |
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer helper function where an incorrect calculation of string length may lead to denial of service. Published: July 28, 2017; 3:29:00 PM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2017-6257 |
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges Published: July 28, 2017; 3:29:00 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 7.2 HIGH |
CVE-2017-6256 |
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to denial of service or potential escalation of privileges. Published: July 28, 2017; 3:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2017-6255 |
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an improper input parameter handling may lead to a denial of service or potential escalation of privileges. Published: July 28, 2017; 3:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2017-6254 |
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a pointer passed from an user to the driver is used without validation which may lead to denial of service or potential escalation of privileges. Published: July 28, 2017; 3:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2017-6253 |
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the size of an input buffer is not validated which may lead to denial of service or potential escalation of privileges Published: July 28, 2017; 3:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2017-6252 |
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler where a NULL pointer dereference may lead to a denial of service or potential escalation of privileges. Published: July 28, 2017; 3:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2017-6251 |
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler where a missing permissions check may allow users to gain access to arbitrary physical system memory, which may lead to an escalation of privileges. Published: July 28, 2017; 3:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2017-7064 |
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. Published: July 20, 2017; 12:29:02 PM -0400 |
V4.0:(not available) V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-7061 |
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Published: July 20, 2017; 12:29:02 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-7056 |
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Published: July 20, 2017; 12:29:02 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-7055 |
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Published: July 20, 2017; 12:29:02 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-7053 |
An issue was discovered in certain Apple products. iTunes before 12.6.2 on Windows is affected. The issue involves the "iTunes" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. Published: July 20, 2017; 12:29:02 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
CVE-2017-7052 |
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Published: July 20, 2017; 12:29:02 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-7049 |
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Published: July 20, 2017; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-7048 |
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Published: July 20, 2017; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-7046 |
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Published: July 20, 2017; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |