Total
6561 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-5984 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libavcodec in Libav 9.21, ff_h264_execute_ref_pic_marking() has a heap-based buffer over-read. | |||||
| CVE-2017-5978 | 1 Zziplib Project | 1 Zziplib | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ZIP file. | |||||
| CVE-2017-5977 | 1 Zziplib Project | 1 Zziplib | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted ZIP file. | |||||
| CVE-2017-5956 | 1 Virglrenderer Project | 1 Virglrenderer | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| The vrend_draw_vbo function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors involving vertext_buffer_index. | |||||
| CVE-2017-5923 | 1 Virustotal | 1 Yara | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted rule that is mishandled in the yara_yyparse function. | |||||
| CVE-2017-5897 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access. | |||||
| CVE-2017-5896 | 1 Artifex | 1 Mupdf | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image. | |||||
| CVE-2017-5849 | 2 Fedoraproject, Netpbm Project | 2 Fedora, Netpbm | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| tiffttopnm in netpbm 10.47.63 does not properly use the libtiff TIFFRGBAImageGet function, which allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted tiff image file, related to transposing width and height values. | |||||
| CVE-2017-5848 | 3 Debian, Gstreamer Project, Redhat | 8 Debian Linux, Gstreamer, Enterprise Linux Desktop and 5 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing. | |||||
| CVE-2017-5847 | 2 Debian, Gstreamer Project | 2 Debian Linux, Gstreamer | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors. | |||||
| CVE-2017-5846 | 1 Gstreamer Project | 1 Gstreamer | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors related to the number of languages in a video file. | |||||
| CVE-2017-5845 | 1 Gstreamer Project | 1 Gstreamer | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a ncdt sub-tag that "goes behind" the surrounding tag. | |||||
| CVE-2017-5841 | 1 Gstreamer Project | 1 Gstreamer | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving ncdt tags. | |||||
| CVE-2017-5840 | 1 Gstreamer Project | 1 Gstreamer | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index. | |||||
| CVE-2017-5838 | 1 Gstreamer Project | 1 Gstreamer | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string. | |||||
| CVE-2017-5834 | 1 Libimobiledevice | 1 Libplist | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted file. | |||||
| CVE-2017-5692 | 1 Intel | 1 Graphics Driver | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Out-of-bounds read condition in older versions of some Intel Graphics Driver for Windows code branches allows local users to perform a denial of service attack. | |||||
| CVE-2017-5667 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
| The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length. | |||||
| CVE-2017-5601 | 1 Libarchive | 1 Libarchive | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive. | |||||
| CVE-2017-5563 | 1 Libtiff | 1 Libtiff | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff. | |||||