CVE-2014-4677CVE-2014-4677

Affected configuration(s):

cpe:/a:gpgtools:libmacgpg:.0.6

Date published: 2017-02-22T11:59:00.147-05:00

Date last modified: 2017-02-28T14:27:14.467-05:00

CVSS Score: 7.2

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: https://bierbaumer.net/security/cve-2014-4677/

Summary: The installPackage function in the installerHelper subcomponent in Libmacgpg in GPG Suite before 2015.06 allows local users to execute arbitrary commands with root privileges via shell metacharacters in the xmlPath argument.

CVE-2017-0037CVE-2017-0037

Affected configuration(s):

cpe:/a:microsoft:edge
cpe:/a:microsoft:internet_explorer:11

Date published: 2017-02-26T18:59:00.150-05:00

Date last modified: 2017-11-18T21:29:00.410-05:00

CVSS Score: 7.6

Principal attack vector: NETWORK

Complexity:  HIGH

Reference URL: http://www.securityfocus.com/bid/96088

Summary: Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheets (CSS) token sequence and crafted JavaScript code that operates on a TH element.

CVE-2014-9905CVE-2014-9905

Affected configuration(s):

cpe:/a:inverse-inc:sogo:2.1.1

Date published: 2017-02-17T12:59:00.140-05:00

Date last modified: 2017-02-22T11:18:37.067-05:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://www.openwall.com/lists/oss-security/2016/07/09/3

Summary: Multiple cross-site scripting (XSS) vulnerabilities in the Web Calendar in SOGo before 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) title of an appointment or (2) contact fields.

CVE-2017-0322CVE-2017-0322

Affected configuration(s):

cpe:/a:nvidia:gpu_driver:-

Date published: 2017-02-15T18:59:00.540-05:00

Date last modified: 2017-02-23T14:30:39.357-05:00

CVSS Score: 7.2

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://nvidia.custhelp.com/app/answers/detail/a_id/4398

Summary: All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where a value passed from a user to the driver is not correctly validated and used as the index to an array, leading to denial of service or potential escalation of privileges.

CVE-2017-0313CVE-2017-0313

Affected configuration(s):

cpe:/a:nvidia:gpu_driver:-

Date published: 2017-02-15T18:59:00.307-05:00

Date last modified: 2017-08-31T21:29:32.727-04:00

CVSS Score: 7.2

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://nvidia.custhelp.com/app/answers/detail/a_id/4398

Summary: All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) implementation of the SubmitCommandVirtual DDI (DxgkDdiSubmitCommandVirtual) where untrusted input is used to reference memory outside of the intended boundary of the buffer leading to denial of service or escalation of privileges.

CVE-2017-0320CVE-2017-0320

Affected configuration(s):

cpe:/a:nvidia:gpu_driver:-

Date published: 2017-02-15T18:59:00.493-05:00

Date last modified: 2017-02-23T14:07:39.623-05:00

CVSS Score: 4.9

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://nvidia.custhelp.com/app/answers/detail/a_id/4398

Summary: All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper handling of values may cause a denial of service on the system.

CVE-2017-0319CVE-2017-0319

Affected configuration(s):

cpe:/a:nvidia:gpu_driver:-

Date published: 2017-02-15T18:59:00.447-05:00

Date last modified: 2017-02-23T14:07:58.797-05:00

CVSS Score: 4.9

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://nvidia.custhelp.com/app/answers/detail/a_id/4398

Summary: All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper handling of values may cause a denial of service on the system.

CVE-2017-0309CVE-2017-0309

Affected configuration(s):

cpe:/a:nvidia:gpu_driver:-

Date published: 2017-02-15T18:59:00.180-05:00

Date last modified: 2017-02-23T14:04:55.117-05:00

CVSS Score: 7.2

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://nvidia.custhelp.com/app/answers/detail/a_id/4398

Summary: All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where multiple integer overflows may cause improper memory allocation leading to a denial of service or potential escalation of privileges.

CVE-2017-0321CVE-2017-0321

Affected configuration(s):

cpe:/a:nvidia:gpu_driver:-

Date published: 2017-02-15T18:59:00.510-05:00

Date last modified: 2017-02-23T14:06:24.497-05:00

CVSS Score: 7.2

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://nvidia.custhelp.com/app/answers/detail/a_id/4398

Summary: All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges.