The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2017-14311 | The Winring0x32.sys driver in NetMechanica NetDecision 5.8.2 allows local users to gain privileges via a crafted 0x9C402088 IOCTL call. | MEDIUM | Sep 19, 2017 | n/a |
| CVE-2017-14310 | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a Read Access Violation starting at STDUJBIG2File!DllUnregisterServer+0x0000000000001869. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14309 | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a Read Access Violation starting at STDUJBIG2File!DllUnregisterServer+0x0000000000006ec8. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14308 | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a Read Access Violation starting at STDUJBIG2File!DllUnregisterServer+0x0000000000006ddd. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14307 | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to Data from Faulting Address controls Branch Selection starting at ntdll_77400000!TpAllocCleanupGroup+0x0000000000000402. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14306 | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a Read Access Violation starting at STDUJBIG2File!DllUnregisterServer+0x0000000000006e10. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14305 | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to Data from Faulting Address controls Branch Selection starting at STDUJBIG2File!DllUnregisterServer+0x0000000000005578. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14304 | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a Read Access Violation starting at STDUJBIG2File!DllGetClassObject+0x00000000000043e0. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14303 | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a Read Access Violation starting at STDUJBIG2File!DllGetClassObject+0x0000000000003047. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14302 | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to Data from Faulting Address controls Branch Selection starting at STDUJBIG2File!DllGetClassObject+0x00000000000064d7. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14301 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to Data from Faulting Address controls subsequent Write Address starting at STDUJBIG2File!DllUnregisterServer+0x00000000000076d3. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14300 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to Data from Faulting Address controls subsequent Write Address starting at STDUJBIG2File!DllGetClassObject+0x0000000000004479. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14299 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to Data from Faulting Address controls subsequent Write Address starting at STDUJBIG2File!DllGetClassObject+0x000000000000384b. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14298 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to Data from Faulting Address controls subsequent Write Address starting at STDUJBIG2File!DllGetClassObject+0x00000000000038e8. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14297 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to Data from Faulting Address controls Code Flow starting at STDUJBIG2File!DllGetClassObject+0x0000000000002f35. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14296 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to Data from Faulting Address controls subsequent Write Address starting at STDUJBIG2File!DllGetClassObject+0x00000000000043e6. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14295 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to Data from Faulting Address controls Code Flow starting at STDUJBIG2File+0x00000000000015e9. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14294 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a User Mode Write AV starting at STDUJBIG2File!DllUnregisterServer+0x000000000000566e. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14293 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to Heap Corruption starting at wow64!Wow64LdrpInitialize+0x00000000000008e1. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14292 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a User Mode Write AV starting at STDUJBIG2File!DllUnregisterServer+0x000000000000570e. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14291 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a User Mode Write AV starting at STDUJBIG2File!DllUnregisterServer+0x00000000000076d8. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14290 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to Heap Corruption starting at wow64!Wow64NotifyDebugger+0x000000000000001d. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14289 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a User Mode Write AV starting at STDUJBIG2File!DllGetClassObject+0x000000000000303e. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14288 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a User Mode Write AV starting at STDUJBIG2File!DllGetClassObject+0x0000000000002ff7. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14287 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a Read Access Violation on Control Flow starting at STDUJBIG2File+0x00000000000015eb. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14286 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a User Mode Write AV starting at STDUJBIG2File!DllUnregisterServer+0x000000000000cb8c. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14285 | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to Data from Faulting Address controls Branch Selection starting at ntdll_77400000!RtlInterlockedPopEntrySList+0x000000000000039b. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14284 | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to Data from Faulting Address controls Branch Selection starting at ntdll_77400000!RtlGetCurrentDirectory_U+0x000000000000016c. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14283 | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a Read Access Violation starting at jbig2dec+0x0000000000008fe4. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14282 | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a Read Access Violation starting at jbig2dec+0x0000000000005862. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14281 | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at jbig2dec+0x00000000000090f1. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14280 | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to Data from Faulting Address controls Branch Selection starting at jbig2dec+0x000000000000571d. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14279 | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a Read Access Violation starting at jbig2dec+0x0000000000005643. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14278 | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a Read Access Violation starting at jbig2dec+0x0000000000005940. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14277 | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a Read Access Violation starting at jbig2dec+0x0000000000005956. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14276 | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to Possible Stack Corruption starting at jbig2dec+0x0000000000002fbe. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14275 | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14274 | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to Data from Faulting Address controls subsequent Write Address starting at jbig2dec+0x0000000000008706. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14273 | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a User Mode Write AV starting at ntdll_77400000!RtlInterlockedPopEntrySList+0x00000000000003b0. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14272 | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a User Mode Write AV starting at jbig2dec+0x000000000000595d. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14271 | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a User Mode Write AV starting at ntdll_77400000!RtlImpersonateSelfEx+0x000000000000024e. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14270 | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a User Mode Write AV starting at ntdll_77400000!RtlFillMemoryUlong+0x0000000000000010. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14269 | EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote attackers to obtain sensitive information via a JSONP endpoint, as demonstrated by passwords and SMS content. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14268 | EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have XSS in the sms_content parameter in a getSMSlist request. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14267 | EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have CSRF, related to goform/AddNewProfile, goform/setWanDisconnect, goform/setSMSAutoRedirectSetting, goform/setReset, and goform/uploadBackupSettings. | MEDIUM | Sep 11, 2017 | n/a |
| CVE-2017-14266 | tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file. | MEDIUM | Sep 12, 2017 | n/a |
| CVE-2017-14265 | A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3. It could allow a remote denial of service or code execution attack. | HIGH | Sep 11, 2017 | n/a |
| CVE-2017-14263 | Honeywell NVR devices allow remote attackers to create a user account in the admin group by leveraging access to a guest account to obtain a session ID, and then sending that session ID in a userManager.addUser request to the /RPC2 URI. The attacker can login to the device with that new user account to fully control the device. | HIGH | Sep 11, 2017 | n/a |
| CVE-2017-14262 | On Samsung NVR devices, remote attackers can read the MD5 password hash of the 'admin' account via certain szUserName JSON data to cgi-bin/main-cgi, and login to the device with that hash in the szUserPasswd parameter. | HIGH | Sep 11, 2017 | n/a |
| CVE-2017-14261 | In the SDK in Bento4 1.5.0-616, the AP4_StszAtom class in Ap4StszAtom.cpp file contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file. | MEDIUM | Sep 11, 2017 | n/a |
