Total
6561 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9620 | 1 Artifex | 1 Ghostscript Ghostxps | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| The xps_select_font_encoding function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document, related to the xps_encode_font_char_imp function. | |||||
| CVE-2017-9611 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2017-9610 | 1 Artifex | 1 Ghostscript Ghostxps | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2017-9545 | 1 Mpg123 | 1 Mpg123 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service (buffer over-read) via a crafted mp3 file. | |||||
| CVE-2017-9474 | 1 Ytnef Project | 1 Ytnef | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | |||||
| CVE-2017-9472 | 1 Ytnef Project | 1 Ytnef | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | |||||
| CVE-2017-9471 | 2 Canonical, Ytnef Project | 2 Ubuntu Linux, Ytnef | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | |||||
| CVE-2017-9465 | 1 Virustotal | 1 Yara | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| The yr_arena_write_data function in YARA 3.6.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain sensitive information from process memory via a crafted file that is mishandled in the yr_re_fast_exec function in libyara/re.c and the _yr_scan_match_callback function in libyara/scan.c. | |||||
| CVE-2017-9454 | 1 Resiprocate | 1 Resiprocate | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow in the ares_parse_a_reply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted DNS response. | |||||
| CVE-2017-9434 | 1 Cryptopp | 1 Crypto\+\+ | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Crypto++ (aka cryptopp) through 5.6.5 contains an out-of-bounds read vulnerability in zinflate.cpp in the Inflator filter. | |||||
| CVE-2017-9359 | 1 Digium | 2 Certified Asterisk, Open Source | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet. | |||||
| CVE-2017-9301 | 1 Videolan | 1 Vlc Media Player | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| plugins\audio_filter\libmpgatofixed32_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (invalid read and application crash) or possibly have unspecified other impact via a crafted file. | |||||
| CVE-2017-9283 | 1 Microfocus | 1 Visibroker | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An out-of-bounds read (CWE-125) vulnerability exists in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for further attacks was not assessed. | |||||
| CVE-2017-9265 | 1 Openvswitch | 1 Openvswitch | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in `lib/ofp-util.c` in the function `ofputil_pull_ofp15_group_mod`. | |||||
| CVE-2017-9264 | 1 Openvswitch | 1 Openvswitch | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) 2.6.1, there is a buffer over-read while parsing malformed TCP, UDP, and IPv6 packets in the functions `extract_l3_ipv6`, `extract_l4_tcp`, and `extract_l4_udp` that can be triggered remotely. | |||||
| CVE-2017-9260 | 1 Surina | 1 Soundtouch | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The TDStretchSSE::calcCrossCorr function in source/SoundTouch/sse_optimized.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted wav file. | |||||
| CVE-2017-9227 | 2 Oniguruma Project, Php | 2 Oniguruma, Php | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. Invalid handling of reg->dmin in forward_search_range() could result in an invalid pointer dereference, as an out-of-bounds read from a stack buffer. | |||||
| CVE-2017-9224 | 2 Oniguruma Project, Php | 2 Oniguruma, Php | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of validation and access in match_at() could result in an out-of-bounds read from a stack buffer. | |||||
| CVE-2017-9223 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file. | |||||
| CVE-2017-9221 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file. | |||||