Total
12603 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-2794 | 1 Marklogic | 1 Marklogic | 2024-08-05 | N/A |
| An exploitable stack-based buffer overflow vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted PPT file can cause a stack corruption resulting in arbitrary code execution. An attacker can send/provide malicious PPT file to trigger this vulnerability. | ||||
| CVE-2017-2785 | 1 Pharos | 1 Popup | 2024-08-05 | N/A |
| An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to a heap based buffer overflow resulting in remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit. | ||||
| CVE-2017-2788 | 1 Pharos | 1 Popup | 2024-08-05 | 10.0 Critical |
| A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to a heap based buffer overflow resulting in potential remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit. | ||||
| CVE-2017-2798 | 1 Marklogic | 1 Marklogic | 2024-08-05 | N/A |
| An exploitable heap corruption vulnerability exists in the GetIndexArray functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted XLS file can cause a heap corruption resulting in arbitrary code execution. An attacker can send or provide a malicious XLS file to trigger this vulnerability. | ||||
| CVE-2017-2783 | 1 Marklogic | 1 Marklogic | 2024-08-05 | N/A |
| An exploitable heap corruption vulnerability exists in the FillRowFormat functionality of Antenna House DMC HTMLFilter that is shipped with MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious xls file to trigger this vulnerability. | ||||
| CVE-2017-2793 | 1 Marklogic | 1 Marklogic | 2024-08-05 | N/A |
| An exploitable heap corruption vulnerability exists in the UnCompressUnicode functionality of Antenna House DMC HTMLFilter used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious XLS file to trigger this vulnerability. | ||||
| CVE-2017-2819 | 1 Hancom | 2 Hangul Word Processor, Thinkfree Office Neo | 2024-08-05 | N/A |
| An exploitable heap-based buffer overflow exists in the Hangul Word Processor component (version 9.6.1.4350) of Hancom Thinkfree Office NEO 9.6.1.4902. A specially crafted document stream can cause an integer underflow resulting in a buffer overflow which can lead to code execution under the context of the application. An attacker can entice a user to open up a document in order to trigger this vulnerability. | ||||
| CVE-2017-2790 | 1 Justsystems | 1 Ichitaro | 2024-08-05 | N/A |
| When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses this result as the size for a memcpy. This results in a heap-based buffer overflow and can lead to code execution under the context of the application. | ||||
| CVE-2017-2787 | 1 Pharos | 1 Popup | 2024-08-05 | N/A |
| A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to a heap based buffer overflow resulting in potential remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit. | ||||
| CVE-2017-2668 | 2 Fedoraproject, Redhat | 5 389 Directory Server, Enterprise Linux, Enterprise Linux Desktop and 2 more | 2024-08-05 | N/A |
| 389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service. | ||||
| CVE-2017-2697 | 1 Huawei | 10 Gt3, Gt3 Firmware, Honor 5c and 7 more | 2024-08-05 | N/A |
| The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier versions has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system or escalate privilege. | ||||
| CVE-2017-2630 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2024-08-05 | N/A |
| A stack buffer overflow flaw was found in the Quick Emulator (QEMU) before 2.9 built with the Network Block Device (NBD) client support. The flaw could occur while processing server's response to a 'NBD_OPT_LIST' request. A malicious NBD server could use this issue to crash a remote NBD client resulting in DoS or potentially execute arbitrary code on client host with privileges of the QEMU process. | ||||
| CVE-2017-2634 | 2 Linux, Redhat | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2024-08-05 | N/A |
| It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2.6.22.17 used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions. A remote attacker could use this flaw to crash the system. | ||||
| CVE-2017-2544 | 1 Apple | 2 Iphone Os, Safari | 2024-08-05 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||
| CVE-2017-2541 | 1 Apple | 1 Mac Os X | 2024-08-05 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "WindowServer" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | ||||
| CVE-2017-2525 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2024-08-05 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||
| CVE-2017-2543 | 1 Apple | 1 Mac Os X | 2024-08-05 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Multi-Touch" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | ||||
| CVE-2017-2539 | 1 Apple | 2 Iphone Os, Safari | 2024-08-05 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||
| CVE-2017-2523 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-08-05 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Foundation" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted data. | ||||
| CVE-2017-2547 | 1 Apple | 2 Iphone Os, Safari | 2024-08-05 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||