Total
2998 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-17863 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-08-05 | N/A |
| kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not check the relationship between pointer values and the BPF stack, which allows local users to cause a denial of service (integer overflow or invalid memory access) or possibly have unspecified other impact. | ||||
| CVE-2017-17723 | 1 Exiv2 | 1 Exiv2 | 2024-08-05 | N/A |
| In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial of service via a crafted TIFF file. | ||||
| CVE-2017-17725 | 1 Exiv2 | 1 Exiv2 | 2024-08-05 | N/A |
| In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864, which is an invalid memory address dereference. | ||||
| CVE-2017-17724 | 2 Exiv2, Redhat | 2 Exiv2, Enterprise Linux | 2024-08-05 | N/A |
| In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file. | ||||
| CVE-2017-17409 | 1 Bitdefender | 1 Internet Security 2018 | 2024-08-05 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within emulator 0x10A in cevakrnl.xmd. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code under the context of SYSTEM. Was ZDI-CAN-5102. | ||||
| CVE-2017-17408 | 1 Bitdefender | 1 Internet Security 2018 | 2024-08-05 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within cevakrnl.xmd. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code under the context of SYSTEM. Was ZDI-CAN-5101. | ||||
| CVE-2017-17328 | 1 Huawei | 2 Mha-al00a, Mha-al00a Firmware | 2024-08-05 | N/A |
| Huawei smartphones with software of MHA-AL00AC00B125 have an integer overflow vulnerability. The software does not process certain variable properly when handle certain process. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could cause information disclosure. | ||||
| CVE-2017-17324 | 1 Huawei | 2 Mate 9 Pro, Mate 9 Pro Firmware | 2024-08-05 | N/A |
| Huawei Mate 9 Pro smartphones with software LON-AL00BC00B139D; LON-AL00BC00B229 have an integer overflow vulnerability. The camera driver does not validate the external input parameters and causes an integer overflow, which in the after processing results in a buffer overflow. An attacker tricks the user to install a crafted application, successful exploit could cause malicious code execution. | ||||
| CVE-2017-17183 | 1 Huawei | 12 Dp300, Dp300 Firmware, Rp200 and 9 more | 2024-08-05 | N/A |
| Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an integer overflow vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could cause an integer overflow and might reset a process. | ||||
| CVE-2017-17184 | 1 Huawei | 12 Dp300, Dp300 Firmware, Rp200 and 9 more | 2024-08-05 | N/A |
| Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an integer overflow vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could cause an integer overflow and might reset a process. | ||||
| CVE-2017-17288 | 1 Huawei | 12 Dp300, Dp300 Firmware, Rp200 and 9 more | 2024-08-05 | N/A |
| Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an integer overflow vulnerability. An unauthenticated, remote attacker may send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause integer overflow and some process abnormal. | ||||
| CVE-2017-17147 | 1 Huawei | 2 Dp300, Dp300 Firmware | 2024-08-05 | N/A |
| Huawei DP300 V500R002C00 have an integer overflow vulnerability due to the lack of validation. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks. | ||||
| CVE-2017-17187 | 1 Huawei | 12 Dp300, Dp300 Firmware, Rp200 and 9 more | 2024-08-05 | N/A |
| Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an integer overflow vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could cause an integer overflow and might reset a process. | ||||
| CVE-2017-17122 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
| The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file. | ||||
| CVE-2017-16831 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
| coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate the symbol count, which allows remote attackers to cause a denial of service (integer overflow and application crash, or excessive memory allocation) or possibly have unspecified other impact via a crafted PE file. | ||||
| CVE-2017-16828 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
| The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow and heap-based buffer over-read, and application crash) or possibly have unspecified other impact via a crafted ELF file, related to print_debug_frame. | ||||
| CVE-2017-16797 | 1 Swftools | 1 Swftools | 2024-08-05 | N/A |
| In SWFTools 0.9.2, the png_load function in lib/png.c does not properly validate an alloclen_64 multiplication of width and height values, which allows remote attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and application crash) or possibly have unspecified other impact via a crafted PNG file. | ||||
| CVE-2017-16832 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
| The pe_bfd_read_buildid function in peicode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate size and offset values in the data dictionary, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted PE file. | ||||
| CVE-2017-16830 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
| The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted ELF file. | ||||
| CVE-2017-16612 | 3 Canonical, Debian, X | 3 Ubuntu Linux, Debian Linux, Libxcursor | 2024-08-05 | N/A |
| libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0. | ||||