Search Results (21031 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-2847 1 Foscam 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware 2025-04-20 8.8 High
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configuration resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
CVE-2015-8619 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-20 7.5 High
The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash).
CVE-2017-12305 1 Cisco 1 Ip Phone 8800 Series Firmware 2025-04-20 N/A
A vulnerability in the debug interface of Cisco IP Phone 8800 series could allow an authenticated, local attacker to execute arbitrary commands, aka Debug Shell Command Injection. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting additional command input to the affected parameter in the debug shell. Cisco Bug IDs: CSCvf80034.
CVE-2017-13166 2 Google, Redhat 5 Android, Enterprise Linux, Enterprise Mrg and 2 more 2025-04-20 N/A
An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.
CVE-2017-2185 1 Kddi 2 Home Spot Cube 2, Home Spot Cube 2 Firmware 2025-04-20 N/A
HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via WebUI.
CVE-2017-12166 2 Debian, Openvpn 2 Debian Linux, Openvpn 2025-04-20 9.8 Critical
OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution.
CVE-2016-8709 1 Gonitro 1 Nitro Pdf Pro 2025-04-20 7.8 High
A remote out of bound write / memory corruption vulnerability exists in the PDF parsing functionality of Nitro Pro 10. A specially crafted PDF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific PDF file to trigger this vulnerability.
CVE-2017-2842 1 Foscam 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware 2025-04-20 8.8 High
In the web management interface in Foscam C1 Indoor HD Camera running application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
CVE-2017-2141 1 Iodata 2 Wn-g300r3, Wn-g300r3 Firmware 2025-04-20 N/A
WN-G300R3 firmware 1.03 and earlier allows attackers with administrator rights to execute arbitrary OS commands via unspecified vectors.
CVE-2017-6309 2 Debian, Tnef Project 2 Debian Linux, Tnef 2025-04-20 N/A
An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parse_file() function. These might lead to invalid read and write operations, controlled by an attacker.
CVE-2017-14962 1 Ikarussecurity 1 Anti.virus 2025-04-20 N/A
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Out of Bounds Write vulnerability because of not validating input values from IOCtl 0x83000058, a related issue to CVE-2017-17112.
CVE-2017-6307 2 Debian, Tnef Project 2 Debian Linux, Tnef 2025-04-20 N/A
An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapi_attr.c:mapi_attr_read(). These might lead to invalid read and write operations, controlled by an attacker.
CVE-2017-12955 1 Exiv2 1 Exiv2 2025-04-20 N/A
There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. The vulnerability causes an out-of-bounds write in Exiv2::Image::printIFDStructure(), which may lead to remote denial of service or possibly unspecified other impact.
CVE-2016-8710 1 Libbpg Project 1 Libbpg 2025-04-20 7.8 High
An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be triggered via attempting to decode a crafted BPG image using Libbpg.
CVE-2017-13744 2 Liblouis, Redhat 2 Liblouis, Enterprise Linux 2025-04-20 N/A
There is an illegal address access in the function _lou_getALine() in compileTranslationTable.c:343 in Liblouis 3.2.0.
CVE-2017-14969 1 Ikarussecurity 1 Anti.virus 2025-04-20 N/A
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x83000084, a related issue to CVE-2017-17114.
CVE-2017-2862 3 Debian, Gnome, Redhat 3 Debian Linux, Gdk-pixbuf, Enterprise Linux 2025-04-20 7.8 High
An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability.
CVE-2017-12953 1 Libgig0 1 Libgig 2025-04-20 N/A
The gig::Instrument::UpdateRegionKeyTable function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (invalid memory write and application crash) via a crafted gig file.
CVE-2017-0453 1 Linux 1 Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-33979145. References: QC-CR#1105085.
CVE-2016-8721 1 Moxa 2 Awk-3131a, Awk-3131a Firmware 2025-04-20 9.1 Critical
An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device. An attacker can exploit this vulnerability remotely.