Total: 12603 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-6187 | 1 Disksavvy | 1 Disksavvy Enterprise | 2024-08-05 | N/A |
Buffer overflow in the built-in web server in DiskSavvy Enterprise 9.4.18 allows remote attackers to execute arbitrary code via a long URI in a GET request. | ||||
CVE-2017-6191 | 1 Apng Disassembler Project | 1 Apng Disassembler | 2024-08-05 | N/A |
Buffer overflow in APNGDis 2.8 and below allows a remote attacker to execute arbitrary code via a crafted filename. | ||||
CVE-2017-6023 | 1 Fatek | 5 Ethernet Module Configuration Tool Cbe Firmware, Ethernet Module Configuration Tool Cbeh Firmware, Ethernet Module Configuration Tool Cm25e Firmware and 2 more | 2024-08-05 | 9.8 Critical |
An issue was discovered in Fatek Automation PLC Ethernet Module. The affected Ether_cfg software configuration tool runs on the following Fatek PLCs: CBEH versions prior to V3.6 Build 170215, CBE versions prior to V3.6 Build 170215, CM55E versions prior to V3.6 Build 170215, and CM25E versions prior to V3.6 Build 170215. A stack-based buffer overflow vulnerability has been identified, which may allow remote code execution or crash the affected device. | ||||
CVE-2017-6009 | 3 Debian, Icoutils Project, Redhat | 9 Debian Linux, Icoutils, Enterprise Linux and 6 more | 2024-08-05 | N/A |
An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "decode_ne_resource_id" function in the "restable.c" source file. This is happening because the "len" parameter for memcpy is not checked for size and thus becomes a negative integer in the process, resulting in a failed memcpy. This affects wrestool. | ||||
CVE-2017-6037 | 1 We-con | 1 Levi Studio Hmi Editor | 2024-08-05 | N/A |
A Heap-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. This vulnerability causes a buffer overflow when a maliciously crafted project file is run by the system. | ||||
CVE-2017-5950 | 1 Yaml-cpp Project | 1 Yaml-cpp | 2024-08-05 | N/A |
The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.3 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file. | ||||
CVE-2017-5994 | 1 Virglrenderer Project | 1 Virglrenderer | 2024-08-05 | N/A |
Heap-based buffer overflow in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and crash) via the num_elements parameter. | ||||
CVE-2017-6007 | 1 Sophos | 1 Hitmanpro | 2024-08-05 | N/A |
A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to crash the OS via a malformed IOCTL call. | ||||
CVE-2017-6035 | 1 We-con | 1 Levi Studio Hmi Editor | 2024-08-05 | N/A |
A Stack-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. This vulnerability causes a buffer overflow, which could result in denial of service when a malicious project file is run on the system. | ||||
CVE-2017-6025 | 1 Codesys | 1 Web Server | 2024-08-05 | N/A |
A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A malicious user could overflow the stack buffer by providing overly long strings to functions that handle the XML. Because the function does not verify string size before copying to memory, the attacker may then be able to crash the application or run arbitrary code. | ||||
CVE-2017-5974 | 2 Debian, Zziplib Project | 2 Debian Linux, Zziplib | 2024-08-05 | 5.5 Medium |
Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file. | ||||
CVE-2017-6008 | 1 Sophos | 1 Hitmanpro | 2024-08-05 | N/A |
A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to escalate privileges via a malformed IOCTL call. | ||||
CVE-2017-6010 | 3 Debian, Icoutils Project, Redhat | 9 Debian Linux, Icoutils, Enterprise Linux and 6 more | 2024-08-05 | N/A |
An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "extract_icons" function in the "extract.c" source file. This issue can be triggered by processing a corrupted ico file and will result in an icotool crash. | ||||
CVE-2017-5881 | 1 Gomlab | 1 Gom Player | 2024-08-05 | N/A |
GOM Player 2.3.10.5266 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted fpx file. | ||||
CVE-2017-5886 | 1 Podofo Project | 1 Podofo | 2024-08-05 | N/A |
Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. | ||||
CVE-2017-5731 | 2 Redhat, Tianocore | 2 Enterprise Linux, Edk2 | 2024-08-05 | 7.8 High |
Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentially enable an escalation of privilege via local access. | ||||
CVE-2017-5789 | 1 Hp | 2 Loadrunner, Performance Center | 2024-08-05 | N/A |
HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow. | ||||
CVE-2017-5581 | 2 Redhat, Tigervnc | 2 Enterprise Linux, Tigervnc | 2024-08-05 | N/A |
Buffer overflow in the ModifiablePixelBuffer::fillRect function in TigerVNC before 1.7.1 allows remote servers to execute arbitrary code via an RRE message with subrectangle outside framebuffer boundaries. | ||||
CVE-2017-5547 | 1 Linux | 1 Linux Kernel | 2024-08-05 | 7.8 High |
drivers/hid/hid-corsair.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. | ||||
CVE-2017-5580 | 1 Virglrenderer Project | 1 Virglrenderer | 2024-08-05 | N/A |
The parse_instruction function in gallium/auxiliary/tgsi/tgsi_text.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and process crash) via a crafted texture instruction. | ||||