Total
10918 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-8773 | 1 Quickheal | 3 Antivirus Pro, Internet Security, Total Security | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper validation of dwCompressionSize of Microsoft WIM Header WIMHEADER_V1_PACKED. This vulnerability can be exploited to gain Remote Code Execution as well as Privilege Escalation. | |||||
| CVE-2017-8540 | 1 Microsoft | 19 Endpoint Protection, Exchange Server, Forefront Endpoint Protection and 16 more | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulnerability than CVE-2017-8538 and CVE-2017-8541. | |||||
| CVE-2017-8400 | 1 Swftools | 1 Swftools | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the function png_load() in lib/png.c:755. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS; it might cause arbitrary code execution. | |||||
| CVE-2017-8359 | 1 Grpc | 1 Grpc | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Google gRPC before 2017-03-29 has an out-of-bounds write caused by a heap-based use-after-free related to the grpc_call_destroy function in core/lib/surface/call.c. | |||||
| CVE-2017-8358 | 1 Libreoffice | 1 Libreoffice | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx. | |||||
| CVE-2017-8272 | 1 Google | 1 Android | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, in a driver function, a value from userspace is not properly validated potentially leading to an out of bounds heap write. | |||||
| CVE-2017-8271 | 1 Google | 1 Android | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Out of bound memory write can happen in the MDSS Rotator driver in all Qualcomm products with Android releases from CAF using the Linux kernel by an unsanitized userspace-controlled parameter. | |||||
| CVE-2017-8260 | 1 Google | 1 Android | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, due to a type downcast, a value may improperly pass validation and cause an out of bounds write later. | |||||
| CVE-2017-8233 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| In a camera driver function in all Android releases from CAF using the Linux kernel, a bounds check is missing when writing into an array potentially leading to an out-of-bounds heap write. | |||||
| CVE-2017-8105 | 2 Debian, Freetype | 2 Debian Linux, Freetype | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c. | |||||
| CVE-2017-8067 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| drivers/char/virtio_console.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. | |||||
| CVE-2017-7882 | 1 Libreoffice | 1 Libreoffice | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx. | |||||
| CVE-2017-7875 | 1 Feh Project | 1 Feh | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an out-of-boundary heap write while receiving an IPC message. An integer overflow leads to a buffer overflow and/or a double free. | |||||
| CVE-2017-7870 | 1 Libreoffice | 1 Libreoffice | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx. | |||||
| CVE-2017-7869 | 1 Gnu | 1 Gnutls | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10. | |||||
| CVE-2017-7868 | 2 Debian, Icu-project | 2 Debian Linux, International Components For Unicode | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function. | |||||
| CVE-2017-7867 | 2 Debian, Icu-project | 2 Debian Linux, International Components For Unicode | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function. | |||||
| CVE-2017-7866 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c. | |||||
| CVE-2017-7865 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c. | |||||
| CVE-2017-7864 | 1 Freetype | 1 Freetype | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c. | |||||