Total
12603 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-5398 | 3 Debian, Mozilla, Redhat | 11 Debian Linux, Firefox, Firefox Esr and 8 more | 2024-08-05 | N/A |
Memory safety bugs were reported in Thunderbird 45.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8. | ||||
CVE-2017-5377 | 1 Mozilla | 1 Firefox | 2024-08-05 | N/A |
A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 51. | ||||
CVE-2017-5400 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2024-08-05 | N/A |
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8. | ||||
CVE-2017-5410 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2024-08-05 | N/A |
Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8. | ||||
CVE-2017-5332 | 5 Canonical, Debian, Icoutils Project and 2 more | 11 Ubuntu Linux, Debian Linux, Icoutils and 8 more | 2024-08-05 | 7.8 High |
The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable. | ||||
CVE-2017-5374 | 1 Mozilla | 1 Firefox | 2024-08-05 | N/A |
Memory safety bugs were reported in Firefox 50.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 51. | ||||
CVE-2017-5399 | 1 Mozilla | 2 Firefox, Thunderbird | 2024-08-05 | N/A |
Memory safety bugs were reported in Firefox 51. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 52 and Thunderbird < 52. | ||||
CVE-2017-5373 | 3 Debian, Mozilla, Redhat | 8 Debian Linux, Firefox, Firefox Esr and 5 more | 2024-08-05 | N/A |
Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51. | ||||
CVE-2017-5336 | 3 Gnu, Opensuse, Redhat | 3 Gnutls, Leap, Enterprise Linux | 2024-08-05 | N/A |
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate. | ||||
CVE-2017-5406 | 1 Mozilla | 2 Firefox, Thunderbird | 2024-08-05 | N/A |
A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks. This vulnerability affects Firefox < 52 and Thunderbird < 52. | ||||
CVE-2017-5412 | 1 Mozilla | 2 Firefox, Thunderbird | 2024-08-05 | N/A |
A buffer overflow read during SVG filter color value operations, resulting in data exposure. This vulnerability affects Firefox < 52 and Thunderbird < 52. | ||||
CVE-2017-5413 | 1 Mozilla | 2 Firefox, Thunderbird | 2024-08-05 | N/A |
A segmentation fault can occur during some bidirectional layout operations. This vulnerability affects Firefox < 52 and Thunderbird < 52. | ||||
CVE-2017-5342 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2024-08-05 | N/A |
In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print(). | ||||
CVE-2017-5240 | 1 Rapid7 | 1 Appspider Pro | 2024-08-05 | N/A |
Editions of Rapid7 AppSpider Pro prior to version 6.14.060 contain a heap-based buffer overflow in the FLAnalyzer.exe component. A malicious or malformed Flash source file can cause a denial of service condition when parsed by this component, causing the application to crash. | ||||
CVE-2017-5238 | 1 Eviewgps | 2 Ev-07s Gps Tracker, Ev-07s Gps Tracker Firmware | 2024-08-05 | N/A |
Due to a lack of bounds checking, several input configuration fields for the Eview EV-07S GPS Tracker will overflow data stored in one variable to another, overwriting the data of another field. | ||||
CVE-2017-5341 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2024-08-05 | N/A |
The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print(). | ||||
CVE-2017-5392 | 2 Google, Mozilla | 2 Android, Firefox | 2024-08-05 | N/A |
Weak proxy objects have weak references on multiple threads when they should only have them on one, resulting in incorrect memory usage and corruption, which leads to potentially exploitable crashes. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 51. | ||||
CVE-2017-5364 | 1 Foxitsoftware | 1 Foxit Pdf Toolkit | 2024-08-05 | N/A |
Memory Corruption Vulnerability in Foxit PDF Toolkit v1.3 allows an attacker to cause Denial of Service and Remote Code Execution when the victim opens the specially crafted PDF file. The Vulnerability has been fixed in v2.0. | ||||
CVE-2017-5358 | 1 Easycom-aura | 1 Easycom For Php | 2024-08-05 | N/A |
Stack-based buffer overflows in php_Easycom5_3_0.dll in EasyCom for PHP 4.0.0.29 allows remote attackers to execute arbitrary code via the server argument to the (1) i5_connect, (2) i5_pconnect, or (3) i5_private_connect API function. | ||||
CVE-2017-5337 | 3 Gnu, Opensuse, Redhat | 3 Gnutls, Leap, Enterprise Linux | 2024-08-05 | N/A |
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate. |