Total
2850 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-11142 | 1 Php | 1 Php | 2024-08-05 | N/A |
In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c. | ||||
CVE-2017-10922 | 1 Xen | 1 Xen | 2024-08-05 | N/A |
The grant-table feature in Xen through 4.8.x mishandles MMIO region grant references, which allows guest OS users to cause a denial of service (loss of grant trackability), aka XSA-224 bug 3. | ||||
CVE-2017-10799 | 1 Graphicsmagick | 1 Graphicsmagick | 2024-08-05 | N/A |
When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage(). | ||||
CVE-2017-10800 | 1 Graphicsmagick | 1 Graphicsmagick | 2024-08-05 | N/A |
When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data. | ||||
CVE-2024-21914 | 2024-08-05 | 5.3 Medium | ||
A vulnerability exists in the affected product that allows a malicious user to restart the Rockwell Automation PanelView™ Plus 7 terminal remotely without security protections. If the vulnerability is exploited, it could lead to the loss of view or control of the PanelView™ product. | ||||
CVE-2017-9845 | 1 Sap | 1 Netweaver | 2024-08-05 | N/A |
disp+work 7400.12.21.30308 in SAP NetWeaver 7.40 allows remote attackers to cause a denial of service (resource consumption) via a crafted DIAG request, aka SAP Security Note 2405918. | ||||
CVE-2017-9778 | 1 Gnu | 1 Gdb | 2024-08-05 | N/A |
GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB. | ||||
CVE-2017-9815 | 2 Canonical, Libtiff | 2 Ubuntu Linux, Libtiff | 2024-08-05 | N/A |
In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function _TIFFmalloc in tif_unix.c) via a crafted file. | ||||
CVE-2017-9763 | 1 Radare | 1 Radare2 | 2024-08-05 | N/A |
The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013-11-12, as used in shlr/grub/fs/ext2.c in radare2 1.5.0, allows remote attackers to cause a denial of service (excessive stack use and application crash) via a crafted binary file, related to use of a variable-size stack array. | ||||
CVE-2017-9732 | 1 Secure-endpoints | 1 Kerberised Netcat | 2024-08-05 | N/A |
The read_packet function in knc (Kerberised NetCat) before 1.11-1 is vulnerable to denial of service (memory exhaustion) that can be exploited remotely without authentication, possibly affecting another services running on the targeted host. | ||||
CVE-2017-8804 | 1 Gnu | 1 Glibc | 2024-08-05 | N/A |
The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) via a crafted UDP packet to port 111, a related issue to CVE-2017-8779. NOTE: [Information provided from upstream and references | ||||
CVE-2017-9627 | 1 Schneider-electric | 1 Wonderware Archestra Logger | 2024-08-05 | 8.6 High |
An Uncontrolled Resource Consumption issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The uncontrolled resource consumption vulnerability could allow an attacker to exhaust the memory resources of the machine, causing a denial of service. | ||||
CVE-2017-9259 | 1 Surina | 1 Soundtouch | 2024-08-05 | N/A |
The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (memory allocation error and application crash) via a crafted wav file. | ||||
CVE-2017-9119 | 2 Netapp, Php | 3 Clustered Data Ontap, Storage Automation Store, Php | 2024-08-05 | N/A |
The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumption and application crash) or possibly have unspecified other impact by triggering crafted operations on array data structures. | ||||
CVE-2017-9129 | 1 Audiocoding | 1 Freeware Advanced Audio Coder | 2024-08-05 | N/A |
The wav_open_read function in frontend/input.c in Freeware Advanced Audio Coder (FAAC) 1.28 allows remote attackers to cause a denial of service (large loop) via a crafted wav file. | ||||
CVE-2017-9118 | 3 Netapp, Php, Redhat | 3 Storage Automation Store, Php, Rhel Software Collections | 2024-08-05 | 7.5 High |
PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call. | ||||
CVE-2017-9104 | 3 Fedoraproject, Gnu, Opensuse | 3 Fedora, Adns, Leap | 2024-08-05 | 9.8 Critical |
An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered. | ||||
CVE-2017-8779 | 4 Libtirpc Project, Ntirpc Project, Redhat and 1 more | 6 Libtirpc, Ntirpc, Ceph Storage and 3 more | 2024-08-05 | N/A |
rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb. | ||||
CVE-2017-8452 | 1 Elastic | 1 Kibana | 2024-08-05 | N/A |
Kibana versions prior to 5.2.1 configured for SSL client access, file descriptors will fail to be cleaned up after certain requests and will accumulate over time until the process crashes. | ||||
CVE-2017-8421 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dump_relocs_in_section in objdump.c can resolve this. |