Total
12607 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-11571 | 1 Fontforge | 1 Fontforge | 2024-08-05 | N/A |
| FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) resulting in DoS or code execution via a crafted otf file. | ||||
| CVE-2017-11628 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-08-05 | N/A |
| In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zend_ini_do_op() function in Zend/zend_ini_parser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications that accept untrusted input (instead of the system's php.ini file) for the parse_ini_string or parse_ini_file function, e.g., a web application for syntax validation of php.ini directives. | ||||
| CVE-2017-11574 | 1 Fontforge | 1 Fontforge | 2024-08-05 | N/A |
| FontForge 20161012 is vulnerable to a heap-based buffer overflow in readcffset (parsettf.c) resulting in DoS or code execution via a crafted otf file. | ||||
| CVE-2017-11640 | 1 Imagemagick | 1 Imagemagick | 2024-08-05 | N/A |
| When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/tiff.c. | ||||
| CVE-2017-11576 | 1 Fontforge | 1 Fontforge | 2024-08-05 | N/A |
| FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict (parsettf.c) resulting in DoS via a crafted otf file. | ||||
| CVE-2017-11592 | 1 Exiv2 | 1 Exiv2 | 2024-08-05 | N/A |
| There is a Mismatched Memory Management Routines vulnerability in the Exiv2::FileIo::seek function of Exiv2 0.26 that will lead to a remote denial of service attack (heap memory corruption) via crafted input. | ||||
| CVE-2017-11550 | 1 Libid3tag Project | 1 Libid3tag | 2024-08-05 | N/A |
| The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (NULL Pointer Dereference and application crash) via a crafted mp3 file. | ||||
| CVE-2017-11563 | 1 Dlink | 2 Eyeon Baby Monitor, Eyeon Baby Monitor Firmware | 2024-08-05 | N/A |
| D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 has a remote code execution vulnerability. A UDP "Discover" service, which provides multiple functions such as changing the passwords and getting basic information, was installed on the device. A remote attacker can send a crafted UDP request to finderd to perform stack overflow and execute arbitrary code with root privilege on the device. | ||||
| CVE-2017-11552 | 1 Underbit | 1 Mad Libmad | 2024-08-05 | N/A |
| mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a denial of service (memory corruption seen in a crash in the mad_decoder_run function in decoder.c in libmad) via a crafted MP3 file. | ||||
| CVE-2017-11551 | 1 Libid3tag Project | 1 Libid3tag | 2024-08-05 | N/A |
| The id3_field_parse function in field.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (OOM) via a crafted MP3 file. | ||||
| CVE-2017-11548 | 1 Xiph | 1 Libao | 2024-08-05 | 5.5 Medium |
| The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service (memory corruption) via a crafted MP3 file. | ||||
| CVE-2017-11543 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2024-08-05 | N/A |
| tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c. | ||||
| CVE-2017-11498 | 1 Gemalto | 1 Sentinel Ldk Rte | 2024-08-05 | N/A |
| Buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to shut down the remote process (a denial of service) via a language pack (ZIP file) with invalid HTML files. | ||||
| CVE-2017-11497 | 1 Gemalto | 1 Sentinel Ldk Rte | 2024-08-05 | N/A |
| Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via language packs containing filenames longer than 1024 characters. | ||||
| CVE-2017-11496 | 1 Gemalto | 1 Sentinel Ldk Rte | 2024-08-05 | N/A |
| Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via malformed ASN.1 streams in V2C and similar input files. | ||||
| CVE-2017-11420 | 1 Asuswrt-merlin Project | 56 Rt-ac1200, Rt-ac1200 Firmware, Rt-ac3100 and 53 more | 2024-08-05 | N/A |
| Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list. | ||||
| CVE-2017-11331 | 1 Xiph | 1 Vorbis-tools | 2024-08-05 | 5.5 Medium |
| The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file. | ||||
| CVE-2017-11301 | 1 Adobe | 1 Digital Editions | 2024-08-05 | N/A |
| An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. An exploitable memory corruption vulnerability exists, which could lead to disclosure of memory addresses. | ||||
| CVE-2017-11362 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-08-05 | N/A |
| In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ext/intl/msgformat/msgformat_parse.c does not restrict the locale length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact within International Components for Unicode (ICU) for C/C++ via a long first argument to the msgfmt_parse_message function. | ||||
| CVE-2017-11303 | 1 Adobe | 1 Photoshop | 2024-08-05 | N/A |
| An issue was discovered in Adobe Photoshop 18.1.1 (2017.1.1) and earlier versions. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution. | ||||