Max CVSS 9.3 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2017-9233 5.0
XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.
28-07-2022 - 11:30 25-07-2017 - 20:29
CVE-2016-9843 7.5
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
27-06-2022 - 16:40 23-05-2017 - 04:29
CVE-2016-9842 6.8
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
22-06-2022 - 17:17 23-05-2017 - 04:29
CVE-2016-9841 7.5
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
22-06-2022 - 17:16 23-05-2017 - 04:29
CVE-2016-9840 6.8
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
22-06-2022 - 17:08 23-05-2017 - 04:29
CVE-2017-6458 6.5
Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable.
12-07-2021 - 17:15 27-03-2017 - 17:59
CVE-2017-11103 6.8
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name
18-08-2020 - 15:05 13-07-2017 - 13:29
CVE-2017-7084 4.3
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Application Firewall" component. It allows remote attackers to bypass intended settings in opportunistic circumstances by leveraging incorrect
03-10-2019 - 00:03 23-10-2017 - 01:29
CVE-2017-7086 7.8
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "libc" component. It allows remote attackers to cause a den
03-10-2019 - 00:03 23-10-2017 - 01:29
CVE-2017-7078 5.0
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. The issue involves the "Mail Drafts" component. It allows remote attackers to obtain sensitive information by reading unintended cleartext t
03-10-2019 - 00:03 23-10-2017 - 01:29
CVE-2017-7143 2.1
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Captive Network Assistant" component. It allows remote attackers to discover cleartext passwords in opportunistic circumstances by sniffing the
03-10-2019 - 00:03 23-10-2017 - 01:29
CVE-2017-13827 9.3
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "kext tools" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that performs kext loading.
03-10-2019 - 00:03 03-04-2018 - 06:29
CVE-2017-13851 2.1
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "DesktopServices" component. It allows local users to bypass intended access restrictions on home folder files.
03-10-2019 - 00:03 03-04-2018 - 06:29
CVE-2017-13837 5.0
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Installer" component. It does not properly restrict an app's entitlements for accessing the FileVault unlock key.
03-10-2019 - 00:03 03-04-2018 - 06:29
CVE-2017-10989 7.5
The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.
03-10-2019 - 00:03 07-07-2017 - 12:29
CVE-2017-0381 9.3
An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access
03-10-2019 - 00:03 12-01-2017 - 20:59
CVE-2017-7127 9.3
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. iCloud before 7.0 on Windows is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "SQLite" componen
08-03-2019 - 16:06 23-10-2017 - 01:29
CVE-2017-7080 5.0
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass
08-03-2019 - 16:06 23-10-2017 - 01:29
CVE-2017-7114 9.3
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrar
08-03-2019 - 16:06 23-10-2017 - 01:29
CVE-2017-7083 4.0
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "CFNetwork Proxies" component. It allows remote attackers t
08-03-2019 - 16:06 23-10-2017 - 01:29
CVE-2017-7130 7.5
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow
08-03-2019 - 16:06 23-10-2017 - 01:29
CVE-2017-7128 7.5
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow
08-03-2019 - 16:06 23-10-2017 - 01:29
CVE-2017-7129 7.5
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow
08-03-2019 - 16:06 23-10-2017 - 01:29
CVE-2017-13873 4.3
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to obtain sensitive
08-03-2019 - 16:06 03-04-2018 - 06:29
CVE-2017-13854 9.3
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrar
08-03-2019 - 16:06 03-04-2018 - 06:29
CVE-2017-6462 4.6
Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device.
24-01-2019 - 11:29 27-03-2017 - 17:59
CVE-2017-6463 4.0
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a :config directive, related to the unpeer option.
24-01-2019 - 11:29 27-03-2017 - 17:59
CVE-2017-13890 4.3
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. macOS before 10.13 is affected. The issue involves the "CoreTypes" component. It allows remote attackers to trigger disk-image mounting via a crafted web site.
04-05-2018 - 18:27 03-04-2018 - 06:29
CVE-2017-13839 2.1
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Spotlight" component. It allows local users to see results for other users' files.
04-05-2018 - 15:19 03-04-2018 - 06:29
CVE-2017-6464 4.0
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed mode configuration directive.
12-04-2018 - 01:29 27-03-2017 - 17:59
CVE-2017-7138 2.1
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Directory Utility" component. It allows local users to discover the Apple ID of the computer's owner.
26-10-2017 - 18:20 23-10-2017 - 01:29
CVE-2017-7141 5.0
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Mail" component. It allows remote attackers to bypass an intended off value of the "Load remote content in messages" setting, and consequently
26-10-2017 - 18:19 23-10-2017 - 01:29
CVE-2017-7082 2.1
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Screen Lock" component. It allows physically proximate attackers to read Application Firewall prompts.
26-10-2017 - 12:54 23-10-2017 - 01:29
CVE-2017-7077 9.3
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corrupt
26-10-2017 - 12:50 23-10-2017 - 01:29
CVE-2017-7074 4.3
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "AppSandbox" component. It allows attackers to cause a denial of service via a crafted app.
26-10-2017 - 12:32 23-10-2017 - 01:29
CVE-2017-7121 7.5
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspec
25-10-2017 - 20:12 23-10-2017 - 01:29
CVE-2017-7119 4.3
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
25-10-2017 - 20:05 23-10-2017 - 01:29
CVE-2017-7125 7.5
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspec
25-10-2017 - 19:39 23-10-2017 - 01:29
CVE-2017-7126 7.5
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspec
25-10-2017 - 19:39 23-10-2017 - 01:29
CVE-2017-7124 7.5
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspec
25-10-2017 - 19:39 23-10-2017 - 01:29
CVE-2017-7123 7.5
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspec
25-10-2017 - 19:38 23-10-2017 - 01:29
CVE-2017-7122 7.5
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspec
25-10-2017 - 19:38 23-10-2017 - 01:29
CVE-2017-6451 4.6
The mx4200_send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, whic
24-10-2017 - 01:29 27-03-2017 - 17:59
CVE-2017-6455 4.4
NTP before 4.2.8p10 and 4.3.x before 4.3.94, when using PPSAPI, allows local users to gain privileges via a DLL in the PPSAPI_DLLS environment variable.
24-10-2017 - 01:29 27-03-2017 - 17:59
CVE-2017-6452 4.6
Stack-based buffer overflow in the Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via an application path on the command line.
24-10-2017 - 01:29 27-03-2017 - 17:59
CVE-2017-6460 6.5
Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response.
24-10-2017 - 01:29 27-03-2017 - 17:59
CVE-2017-6459 2.1
The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes.
24-10-2017 - 01:29 27-03-2017 - 17:59
CVE-2017-1000373 6.4
The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack
24-10-2017 - 01:29 19-06-2017 - 16:29
Back to Top Mark selected
Back to Top