Total
12606 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-18295 | 1 Qualcomm | 38 Mdm9206, Mdm9206 Firmware, Mdm9607 and 35 more | 2024-08-05 | N/A |
Possible buffer overflow if input is not null terminated in DSP Service module in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDX20. | ||||
CVE-2017-18303 | 1 Qualcomm | 52 Mdm9206, Mdm9206 Firmware, Mdm9607 and 49 more | 2024-08-05 | N/A |
While processing the sensors registry configuration file, if inputs are not validated a buffer overflow will occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MMDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SDA660, SDX20. | ||||
CVE-2017-18379 | 1 Linux | 1 Linux Kernel | 2024-08-05 | 9.8 Critical |
In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c. | ||||
CVE-2017-18283 | 1 Qualcomm | 18 Qca9379, Qca9379 Firmware, Sd210 and 15 more | 2024-08-05 | N/A |
Possible memory corruption when Read Val Blob Req is received with invalid parameters in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 625, SD 835, SD 845, SD 850, SDA660. | ||||
CVE-2017-18329 | 1 Qualcomm | 74 Mdm9615, Mdm9615 Firmware, Mdm9625 and 71 more | 2024-08-05 | N/A |
Possible Buffer overflow when transmitting an RTP packet in snapdragon automobile and snapdragon wear in versions MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 835, SD 845 / SD 850, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 | ||||
CVE-2017-16869 | 1 Upx Project | 1 Upx | 2024-08-05 | N/A |
p_mach.cpp in UPX 3.94 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted Mach-O file, related to canPack and unpack functions. NOTE: the vendor has stated "there is no security implication whatsoever. | ||||
CVE-2017-16231 | 1 Pcre | 1 Pcre | 2024-08-05 | 5.5 Medium |
In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used | ||||
CVE-2017-18229 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2024-08-05 | N/A |
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allows attackers to cause a denial of service via a crafted file, because file size is not properly used to restrict scanline, strip, and tile allocations. | ||||
CVE-2017-18269 | 2 Gnu, Linux | 2 Glibc, Linux Kernel | 2024-08-05 | N/A |
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution. | ||||
CVE-2017-18221 | 1 Linux | 1 Linux Kernel | 2024-08-05 | N/A |
The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls. | ||||
CVE-2017-18199 | 2 Gnu, Redhat | 2 Libcdio, Enterprise Linux | 2024-08-05 | N/A |
realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file. | ||||
CVE-2017-18206 | 3 Canonical, Redhat, Zsh | 3 Ubuntu Linux, Enterprise Linux, Zsh | 2024-08-05 | N/A |
In utils.c in zsh before 5.4, symlink expansion had a buffer overflow. | ||||
CVE-2017-18193 | 1 Linux | 1 Linux Kernel | 2024-08-05 | N/A |
fs/f2fs/extent_cache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service (BUG) via an application with multiple threads. | ||||
CVE-2017-18202 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-08-05 | 7.0 High |
The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service (TLB entry leak or use-after-free) or possibly have unspecified other impact by triggering a copy_to_user call within a certain time window. | ||||
CVE-2017-18234 | 4 Canonical, Debian, Exempi Project and 1 more | 4 Ubuntu Linux, Debian Linux, Exempi and 1 more | 2024-08-05 | N/A |
An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp, XMPFiles/source/FormatSupport/TIFF_MemoryReader.cpp, and XMPFiles/source/FormatSupport/TIFF_Support.hpp. | ||||
CVE-2017-18189 | 3 Debian, Redhat, Sound Exchange Project | 3 Debian Linux, Enterprise Linux, Sound Exchange | 2024-08-05 | N/A |
In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service. | ||||
CVE-2017-18171 | 1 Qualcomm | 50 Qca9379, Qca9379 Firmware, Sd 205 and 47 more | 2024-08-05 | N/A |
Improper input validation for GATT data packet received in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016. | ||||
CVE-2017-18201 | 2 Gnu, Redhat | 2 Libcdio, Enterprise Linux | 2024-08-05 | N/A |
An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c. | ||||
CVE-2017-18222 | 1 Linux | 1 Linux Kernel | 2024-08-05 | N/A |
In the Linux kernel before 4.12, Hisilicon Network Subsystem (HNS) does not consider the ETH_SS_PRIV_FLAGS case when retrieving sset_count data, which allows local users to cause a denial of service (buffer overflow and memory corruption) or possibly have unspecified other impact, as demonstrated by incompatibility between hns_get_sset_count and ethtool_get_strings. | ||||
CVE-2017-18124 | 1 Qualcomm | 72 Fsm9055, Fsm9055 Firmware, Ipq4019 and 69 more | 2024-08-05 | N/A |
During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20 |