Total
6260 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-11052 | 1 Google | 1 Android | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_NDP cfg80211 vendor command a buffer over-read can occur. | |||||
CVE-2017-13051 | 1 Tcpdump | 1 Tcpdump | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). | |||||
CVE-2017-13021 | 1 Tcpdump | 1 Tcpdump | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print(). | |||||
CVE-2017-11055 | 1 Google | 1 Android | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION cfg80211 vendor command, a buffer over-read can occur. | |||||
CVE-2017-9454 | 1 Resiprocate | 1 Resiprocate | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Buffer overflow in the ares_parse_a_reply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted DNS response. | |||||
CVE-2017-14502 | 1 Libarchive | 1 Libarchive | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_read_header. | |||||
CVE-2017-10987 | 1 Freeradius | 1 Freeradius | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buffer over-read in fr_dhcp_decode_suboptions()" and a denial of service. | |||||
CVE-2017-14607 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2024-02-28 | 5.8 MEDIUM | 8.1 HIGH |
In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash. | |||||
CVE-2017-14034 | 1 Libbpg Project | 1 Libbpg | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.7 and other products, miscalculates a memcpy destination address, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact. | |||||
CVE-2017-13006 | 1 Tcpdump | 1 Tcpdump | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions. | |||||
CVE-2017-12985 | 1 Tcpdump | 1 Tcpdump | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print(). | |||||
CVE-2017-17669 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack. | |||||
CVE-2017-11722 | 1 Graphicsmagick | 1 Graphicsmagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This resulted in a logging statement executing outside of a loop, and consequently using an invalid array index corresponding to the loop's exit condition. | |||||
CVE-2017-9865 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted PDF document, related to missing color-map validation in ImageOutputDev.cc. | |||||
CVE-2017-16400 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2024-02-28 | 9.3 HIGH | 8.8 HIGH |
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of the JPEG 2000 parser. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure. | |||||
CVE-2018-4871 | 6 Adobe, Apple, Google and 3 more | 10 Flash Player, Macos, Chrome Os and 7 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of the target buffer. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure. | |||||
CVE-2017-9955 | 1 Gnu | 1 Binutils | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file in which a certain size field is larger than a corresponding data field, as demonstrated by mishandling within the objdump program. | |||||
CVE-2017-11147 | 2 Netapp, Php | 2 Clustered Data Ontap, Php | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c. | |||||
CVE-2017-12897 | 1 Tcpdump | 1 Tcpdump | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print(). | |||||
CVE-2017-12453 | 1 Gnu | 1 Binutils | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file. |