Total
12606 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-16930 | 1 Claymore Dual Miner Project | 1 Claymore Dual Miner | 2024-08-05 | N/A |
The remote management interface on the Claymore Dual GPU miner 10.1 allows an unauthenticated remote attacker to execute arbitrary code due to a stack-based buffer overflow in the request handler. This can be exploited via a long API request that is mishandled during logging. | ||||
CVE-2017-16995 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-08-05 | 7.8 High |
The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension. | ||||
CVE-2017-16938 | 1 Optipng Project | 1 Optipng | 2024-08-05 | N/A |
A global buffer overflow in OptiPNG 0.7.6 allows remote attackers to cause a denial-of-service attack or other unspecified impact with a maliciously crafted GIF format file, related to an uncontrolled loop in the LZWReadByte function of the gifread.c file. | ||||
CVE-2017-16929 | 1 Claymore Dual Miner Project | 1 Claymore Dual Miner | 2024-08-05 | N/A |
The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote attacker to read/write arbitrary files. This can be exploited via ../ sequences in the pathname to miner_file or miner_getfile. | ||||
CVE-2017-16931 | 1 Xmlsoft | 1 Libxml2 | 2024-08-05 | N/A |
parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. | ||||
CVE-2017-16902 | 1 Vonage | 2 Vdv-23, Vdv-23 Firmware | 2024-08-05 | N/A |
On the Vonage VDV-23 115 3.2.11-0.9.40 home router, sending a long string of characters in the loginPassword and/or loginUsername field to goform/login causes the router to reboot. | ||||
CVE-2017-16909 | 2 Canonical, Libraw | 2 Ubuntu Linux, Libraw | 2024-08-05 | N/A |
An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image. | ||||
CVE-2017-16872 | 2 Debian, Teluu | 2 Debian Linux, Pjsip | 2024-08-05 | N/A |
An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1. Parsing the numeric header fields in a SIP message (like cseq, ttl, port, etc.) all had the potential to overflow, either causing unintended values to be captured or, if the values were subsequently converted back to strings, a buffer overrun. This will lead to a potential exploit using carefully crafted invalid values. | ||||
CVE-2017-16898 | 1 Libming | 1 Libming | 2024-08-05 | N/A |
The printMP3Headers function in util/listmp3.c in libming v0.4.8 or earlier is vulnerable to a global buffer overflow, which may allow attackers to cause a denial of service via a crafted file, a different vulnerability than CVE-2016-9264. | ||||
CVE-2017-16927 | 2 Debian, Neutrinolabs | 2 Debian Linux, Xrdp | 2024-08-05 | N/A |
The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted input stream. | ||||
CVE-2017-16844 | 2 Procmail, Redhat | 2 Procmail, Enterprise Linux | 2024-08-05 | N/A |
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than CVE-2014-3618. | ||||
CVE-2017-16796 | 1 Swftools | 1 Swftools | 2024-08-05 | N/A |
In SWFTools 0.9.2, the png_load function in lib/png.c does not check the return value of a realloc call, which allows remote attackers to cause a denial of service (invalid write and application crash) or possibly have unspecified other impact via vectors involving an IDAT tag in a crafted PNG file. | ||||
CVE-2017-16820 | 2 Collectd, Redhat | 5 Collectd, Enterprise Linux, Openstack-optools and 2 more | 2024-08-05 | N/A |
The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash (or potentially have other impact). | ||||
CVE-2017-16826 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
The coff_slurp_line_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted PE file. | ||||
CVE-2017-16740 | 1 Rockwellautomation | 12 1766-l32awa, 1766-l32awa Firmware, 1766-l32awaa and 9 more | 2024-08-05 | N/A |
A Buffer Overflow issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution. | ||||
CVE-2017-16803 | 1 Libav | 1 Libav | 2024-08-05 | N/A |
In Libav through 11.11 and 12.x through 12.1, the smacker_decode_tree function in libavcodec/smacker.c does not properly restrict tree recursion, which allows remote attackers to cause a denial of service (bitstream.c:build_table() out-of-bounds read and application crash) via a crafted Smacker stream. | ||||
CVE-2017-16827 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
The aout_get_external_symbols function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (slurp_symtab invalid free and application crash) or possibly have unspecified other impact via a crafted ELF file. | ||||
CVE-2017-16739 | 1 We-con | 2 Levistudio Hmi Editor, Levistudio Hmi Editor Firmware | 2024-08-05 | N/A |
An issue was discovered in WECON Technology LEVI Studio HMI Editor v1.8.29 and prior. Specially-crafted malicious files may be able to cause stack-based buffer overflow vulnerabilities, which may allow remote code execution. | ||||
CVE-2017-16737 | 1 We-con | 2 Levistudio Hmi Editor, Levistudio Hmi Editor Firmware | 2024-08-05 | N/A |
An issue was discovered in WECON Technology LEVI Studio HMI Editor v1.8.29 and prior. A specially-crafted malicious file may be able to cause a heap-based buffer overflow vulnerability when opened by a user. | ||||
CVE-2017-16725 | 1 Xiongmaitech | 269 Ahb7004t-g-v4, Ahb7004t-g-v4 Firmware, Ahb7004t-gl-v4 and 266 more | 2024-08-05 | N/A |
A Stack-based Buffer Overflow issue was discovered in Xiongmai Technology IP Cameras and DVRs using the NetSurveillance Web interface. The stack-based buffer overflow vulnerability has been identified, which may allow an attacker to execute code remotely or crash the device. After rebooting, the device restores itself to a more vulnerable state in which Telnet is accessible. |