| Month | Quarter | Year |
|---|---|---|
| #1 | #11 | #17 |
| CVE-ID | CWE-ID | Type | Score |
|---|---|---|---|
| CVE-2017-3076 | CWE-119 | Buffer Errors | 9.8 |
|
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the MPEG-4 AVC module. Successful exploitation could lead to arbitrary code execution.
|
|||
| CVE-2017-3068 | CWE-119 | Buffer Errors | 9.8 |
|
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.
|
|||
| CVE-2017-3064 | CWE-119 | Buffer Errors | 7.8 |
|
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability when parsing a shape outline. Successful exploitation could lead to arbitrary code execution.
|
|||
| CVE-2017-3061 | CWE-119 | Buffer Errors | 9.8 |
|
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution.
|
|||
| CVE-2017-2988 | CWE-119 | Buffer Errors | 9.8 |
|
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution.
|
|||
| CVE-2017-2986 | CWE-119 | Buffer Errors | 9.8 |
|
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution.
|
|||
| CVE-2017-2985 | CWE-416 | Use After Free | 9.8 |
|
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution.
|
|||
| CVE-2017-11880 | CWE-200 | Information Leak / Disclosure | 4.7 |
|
Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to run a specially crafted application and obtain information to further compromise the user's system due to the Windows kernel improperly initializing objects in memory, aka "Windows Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11831.
|
|||
| CVE-2017-11853 | CWE-200 | Information Leak / Disclosure | 5.5 |
|
Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log in and run a specially crafted application due to the Windows kernel improperly initializing a memory address, aka "Windows Kernel Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11842, CVE-2017-11849, and CVE-2017-11851.
|
|||
| CVE-2017-11831 | CWE-200 | Information Leak / Disclosure | 4.7 |
|
Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log on to an affected system, and run a specially crafted application that can compromise the user's system due to how the Windows kernel initializes memory, aka "Windows Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11880.
|
|||