Total
6561 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-2579 | 1 Netpbm Project | 1 Netpbm | 2024-11-21 | 6.8 MEDIUM | 3.3 LOW |
| An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly allows code execution. | |||||
| CVE-2017-2450 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted font file. | |||||
| CVE-2017-2439 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted font file. | |||||
| CVE-2017-2409 | 1 Apple | 1 Mac Os X | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Menus" component. It allows attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted app. | |||||
| CVE-2017-18688 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with L(5.1), M(6.0), and N(7.0) software. There is an information disclosure (of memory locations outside a buffer) via /dev/dsm_ctrl_dev. The Samsung ID is SVE-2016-7340 (January 2017). | |||||
| CVE-2017-18656 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer over-read in a trustlet. The Samsung ID is SVE-2017-8890 (August 2017). | |||||
| CVE-2017-18446 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| cPanel before 64.0.21 allows file-read and file-write operations for demo accounts via the SourceIPCheck API (SEC-250). | |||||
| CVE-2017-18344 | 3 Canonical, Linux, Redhat | 9 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 6 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE). | |||||
| CVE-2017-18315 | 1 Qualcomm | 2 Sd 600, Sd 600 Firmware | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Buffer over-read vulnerabilities in an older version of ASN.1 parser in Snapdragon Mobile in versions SD 600. | |||||
| CVE-2017-18304 | 2 Qaulcomm, Qualcomm | 52 Fsm9055, Fsm9055 Firmware, Mdm9206 and 49 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Insufficient memory allocation in boot due to incorrect size being passed could result in out of bounds access in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660 and SDX20 | |||||
| CVE-2017-18294 | 1 Qualcomm | 48 Fsm9055, Fsm9055 Firmware, Mdm9206 and 45 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| While reading file class type from ELF header, a buffer overread may happen if the ELF file size is less than the size of ELF64 header size in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDA660, SDX20. | |||||
| CVE-2017-18281 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A bool variable in Video function, which gets typecasted to int before being read could result in an out of bound read access in all Android releases from CAF using the linux kernel | |||||
| CVE-2017-18246 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| The pcm_encode_frame function in libavcodec/pcm.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted media file. | |||||
| CVE-2017-18245 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| The mpc8_probe function in libavformat/mpc8.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted audio file. | |||||
| CVE-2017-18244 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| The stereo_processing function in libavcodec/aacps.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file, related to ff_ps_apply. | |||||
| CVE-2017-18242 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| The apply_dependent_coupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file. | |||||
| CVE-2017-18212 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function in lit/lit-char-helpers.c via a RegExp("[\x0"); payload. | |||||
| CVE-2017-18198 | 1 Gnu | 1 Libcdio | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file. | |||||
| CVE-2017-18185 | 1 Qpdf Project | 1 Qpdf | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the Pl_Buffer::write function in Pl_Buffer.cc. It is caused by an integer overflow in the PNG filter. | |||||
| CVE-2017-18184 | 1 Qpdf Project | 1 Qpdf | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iterate_rc4 in QPDF_encryption.cc. | |||||