Total
6561 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-14129 | 1 Gnu | 1 Binutils | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file. | |||||
| CVE-2017-14128 | 1 Gnu | 1 Binutils | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (read_1_byte heap-based buffer over-read and application crash) via a crafted ELF file. | |||||
| CVE-2017-14122 | 2 Debian, Rarlab | 2 Debian Linux, Unrar | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp. | |||||
| CVE-2017-14034 | 1 Libbpg Project | 1 Libbpg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.7 and other products, miscalculates a memcpy destination address, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact. | |||||
| CVE-2017-13878 | 1 Apple | 1 Mac Os X | 2024-11-21 | 5.6 MEDIUM | 7.1 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows local users to bypass intended memory-read restrictions or cause a denial of service (out-of-bounds read and system crash). | |||||
| CVE-2017-13875 | 1 Apple | 1 Mac Os X | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a crafted app. | |||||
| CVE-2017-13817 | 1 Apple | 1 Mac Os X | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| An out-of-bounds read issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows local users to bypass intended memory-read restrictions. | |||||
| CVE-2017-13769 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file. | |||||
| CVE-2017-13765 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. This was addressed in plugins/irda/packet-ircomm.c by adding length validation. | |||||
| CVE-2017-13757 | 1 Gnu | 1 Binutils | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to elf_i386_get_synthetic_symtab in elf32-i386.c and elf_x86_64_get_synthetic_symtab in elf64-x86-64.c. | |||||
| CVE-2017-13755 | 2 Debian, Sleuthkit | 2 Debian Linux, The Sleuth Kit | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660_proc_dir() in tsk/fs/iso9660_dent.c in libtskfs.a, as demonstrated by fls. | |||||
| CVE-2017-13744 | 1 Liblouis | 1 Liblouis | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is an illegal address access in the function _lou_getALine() in compileTranslationTable.c:343 in Liblouis 3.2.0. | |||||
| CVE-2017-13738 | 1 Liblouis | 1 Liblouis | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| There is an illegal address access in the _lou_getALine function in compileTranslationTable.c:346 in Liblouis 3.2.0. | |||||
| CVE-2017-13725 | 2 Debian, Tcpdump | 2 Debian Linux, Tcpdump | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print(). | |||||
| CVE-2017-13722 | 1 X.org | 1 Libxfont | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server. | |||||
| CVE-2017-13720 | 1 X.org | 1 Libxfont | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occurs because '\0' characters are incorrectly skipped in situations involving ? characters. | |||||
| CVE-2017-13690 | 1 Tcpdump | 1 Tcpdump | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions. | |||||
| CVE-2017-13689 | 1 Tcpdump | 1 Tcpdump | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print(). | |||||
| CVE-2017-13688 | 1 Tcpdump | 1 Tcpdump | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print(). | |||||
| CVE-2017-13687 | 2 Debian, Tcpdump | 2 Debian Linux, Tcpdump | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print(). | |||||