Total
12606 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-15101 | 2 Liblouis, Redhat | 7 Liblouis, Enterprise Linux, Enterprise Linux Desktop and 4 more | 2024-08-05 | N/A |
A missing patch for a stack-based buffer overflow in findTable() was found in Red Hat version of liblouis before 2.5.4. An attacker could cause a denial of service condition or potentially even arbitrary code execution. | ||||
CVE-2017-15252 | 1 Irfanview | 2 Irfanview, Pdf | 2024-08-05 | N/A |
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "Read Access Violation on Block Data Move starting at PDF!xmlListWalk+0x00000000000158cb." | ||||
CVE-2017-15243 | 1 Irfanview | 2 Irfanview, Pdf | 2024-08-05 | N/A |
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Possible Stack Corruption starting at PDF!xmlGetGlobalState+0x00000000000568a4." | ||||
CVE-2017-15128 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2024-08-05 | N/A |
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG). | ||||
CVE-2017-15249 | 1 Irfanview | 2 Irfanview, Pdf | 2024-08-05 | N/A |
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlGetGlobalState+0x00000000000668d6." | ||||
CVE-2017-15221 | 1 Asx To Mp3 Converter Project | 1 Asx To Mp3 Converter | 2024-08-05 | 7.8 High |
ASX to MP3 converter 3.1.3.7.2010.11.05 has a buffer overflow via a crafted M3U file, a related issue to CVE-2009-1324. | ||||
CVE-2017-15241 | 1 Irfanview | 2 Irfanview, Pdf | 2024-08-05 | N/A |
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at PDF!xmlParserInputRead+0x00000000000929f5." | ||||
CVE-2017-15239 | 1 Irfanview | 2 Irfanview, Pdf | 2024-08-05 | N/A |
IrfanView 4.44 - 32bit with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address may be used as a return value starting at PDF!xmlParserInputRead+0x0000000000040db4." | ||||
CVE-2017-15116 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt | 2024-08-05 | N/A |
The rngapi_reset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service (NULL pointer dereference). | ||||
CVE-2017-15096 | 2 Gluster, Redhat | 3 Glusterfs, Enterprise Linux, Storage | 2024-08-05 | N/A |
A flaw was found in GlusterFS in versions prior to 3.10. A null pointer dereference in send_brick_req function in glusterfsd/src/gf_attach.c may be used to cause denial of service. | ||||
CVE-2017-15046 | 1 Lame Project | 1 Lame | 2024-08-05 | 5.5 Medium |
LAME 3.99.5, 3.99.4, 3.98.4, 3.98.2, 3.98 and 3.97 have a stack-based buffer overflow in unpack_read_samples in frontend/get_audio.c, a different vulnerability than CVE-2017-9412. | ||||
CVE-2017-15035 | 1 Emtec | 1 Pyrobatchftp | 2024-08-05 | N/A |
EmTec PyroBatchFTP before 3.18 allows remote servers to cause a denial of service (application crash). | ||||
CVE-2017-14980 | 1 Flexense | 1 Syncbreeze | 2024-08-05 | N/A |
Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login. | ||||
CVE-2017-15048 | 1 Zoom | 1 Zoom | 2024-08-05 | 8.8 High |
Stack-based buffer overflow in the ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handler. | ||||
CVE-2017-15047 | 1 Redislabs | 1 Redis | 2024-08-05 | N/A |
The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows attackers to cause a denial of service (out-of-bounds array index and application crash) or possibly have unspecified other impact by leveraging "limited access to the machine." | ||||
CVE-2017-15088 | 1 Mit | 1 Kerberos 5 | 2024-08-05 | 9.8 Critical |
plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_oneline_ex functions. NOTE: this has security relevance only in use cases outside of the MIT Kerberos distribution, e.g., the use of get_matching_data in KDC certauth plugin code that is specific to Red Hat. | ||||
CVE-2017-14929 | 1 Freedesktop | 1 Poppler | 2024-08-05 | N/A |
In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilingPatternFill and Gfx::drawForm calls (aka a Gfx.cc infinite loop), a different vulnerability than CVE-2017-14519. | ||||
CVE-2017-14866 | 1 Exiv2 | 1 Exiv2 | 2024-08-05 | N/A |
There is a heap-based buffer overflow in the Exiv2::s2Data function of types.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack. | ||||
CVE-2017-14864 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2024-08-05 | 5.5 Medium |
An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||||
CVE-2017-14885 | 1 Google | 1 Android | 2024-08-05 | N/A |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, wma_unified_link_peer_stats_event_handler function has a variable num_rates which represents the sum of all the peer_stats->num_rates. The current behavior in this function is to validate only the num_rates of the first peer stats (peer_stats->num_rates) against WMA_SVC_MSG_MAX_SIZE, but not the sum of all the peer's num_rates (num_rates) which may lead to a buffer overflow when the firmware buffer is copied in to the allocated buffer (peer_stats) as the size for the memory allocation - link_stats_results_size is based on num_rates. |