Total
12603 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-5548 | 1 Linux | 1 Linux Kernel | 2024-08-05 | N/A |
drivers/net/ieee802154/atusb.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. | ||||
CVE-2017-5511 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2024-08-05 | 9.8 Critical |
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow. | ||||
CVE-2017-5459 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2024-08-05 | N/A |
A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. | ||||
CVE-2017-5495 | 2 Quagga, Redhat | 2 Quagga, Enterprise Linux | 2024-08-05 | N/A |
All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an unbounded memory allocation in the telnet 'vty' CLI, leading to a Denial-of-Service of Quagga daemons, or even the entire host. When Quagga daemons are configured with their telnet CLI enabled, anyone who can connect to the TCP ports can trigger this vulnerability, prior to authentication. Most distributions restrict the Quagga telnet interface to local access only by default. The Quagga telnet interface 'vty' input buffer grows automatically, without bound, so long as a newline is not entered. This allows an attacker to cause the Quagga daemon to allocate unbounded memory by sending very long strings without a newline. Eventually the daemon is terminated by the system, or the system itself runs out of memory. This is fixed in Quagga 1.1.1 and Free Range Routing (FRR) Protocol Suite 2017-01-10. | ||||
CVE-2017-5522 | 2 Debian, Osgeo | 2 Debian Linux, Mapserver | 2024-08-05 | N/A |
Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7.0.x before 7.0.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving WFS get feature requests. | ||||
CVE-2017-5485 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2024-08-05 | N/A |
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap(). | ||||
CVE-2017-5486 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2024-08-05 | N/A |
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). | ||||
CVE-2017-5508 | 1 Imagemagick | 1 Imagemagick | 2024-08-05 | N/A |
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file. | ||||
CVE-2017-5505 | 1 Jasper Project | 1 Jasper | 2024-08-05 | N/A |
The jas_matrix_asl function in jas_seq.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image. | ||||
CVE-2017-5483 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2024-08-05 | N/A |
The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse(). | ||||
CVE-2017-5469 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2024-08-05 | N/A |
Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. | ||||
CVE-2017-5482 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2024-08-05 | N/A |
The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575. | ||||
CVE-2017-5467 | 2 Mozilla, Redhat | 7 Firefox, Firefox Esr, Thunderbird and 4 more | 2024-08-05 | N/A |
A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53. | ||||
CVE-2017-5471 | 1 Mozilla | 1 Firefox | 2024-08-05 | N/A |
Memory safety bugs were reported in Firefox 53. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 54. | ||||
CVE-2017-5430 | 2 Mozilla, Redhat | 7 Firefox, Firefox Esr, Thunderbird and 4 more | 2024-08-05 | N/A |
Memory safety bugs were reported in Firefox 52, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53. | ||||
CVE-2017-5470 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2024-08-05 | N/A |
Memory safety bugs were reported in Firefox 53 and Firefox ESR 52.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. | ||||
CVE-2017-5484 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2024-08-05 | N/A |
The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print(). | ||||
CVE-2017-5429 | 3 Debian, Mozilla, Redhat | 8 Debian Linux, Firefox, Firefox Esr and 5 more | 2024-08-05 | N/A |
Memory safety bugs were reported in Firefox 52, Firefox ESR 45.8, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. | ||||
CVE-2017-5464 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2024-08-05 | N/A |
During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. | ||||
CVE-2017-5444 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2024-08-05 | N/A |
A buffer overflow vulnerability while parsing "application/http-index-format" format content when the header contains improperly formatted data. This allows for an out-of-bounds read of data from memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. |