Total
11923 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-2792 | 1 Marklogic | 1 Marklogic | 2024-11-21 | 6.8 MEDIUM | 8.3 HIGH |
| An exploitable heap corruption vulnerability exists in the iBldDirInfo functionality of Antenna House DMC HTMLFilter used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can provide a malicious xls file to trigger this vulnerability. | |||||
| CVE-2017-20144 | 1 Anvsoft | 1 Pdf Converter | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability has been found in Anvsoft PDFMate PDF Converter Pro 1.7.5.0 and classified as critical. The manipulation leads to memory corruption. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2017-1085 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| In FreeBSD before 11.2-RELEASE, an application which calls setrlimit() to increase RLIMIT_STACK may turn a read-only memory region below the stack into a read-write region. A specially crafted executable could be exploited to execute arbitrary code in the user context. | |||||
| CVE-2017-1084 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| In FreeBSD before 11.2-RELEASE, multiple issues with the implementation of the stack guard-page reduce the protections afforded by the guard-page. This results in the possibility a poorly written process could be cause a stack overflow. | |||||
| CVE-2017-1083 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| In FreeBSD before 11.2-RELEASE, a stack guard-page is available but is disabled by default. This results in the possibility a poorly written process could be cause a stack overflow. | |||||
| CVE-2017-18696 | 3 Google, Qualcomm, Samsung | 4 Android, Msm8996, Exynos 7420 and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos7420, Exynos8890, or MSM8996 chipsets) software. RKP allows memory corruption. The Samsung ID is SVE-2016-7897 (January 2017). | |||||
| CVE-2017-18662 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. Data outside of the rkp log buffer boundary is read, causing an information leak. The Samsung ID is SVE-2017-9109 (July 2017). | |||||
| CVE-2017-18379 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c. | |||||
| CVE-2017-18329 | 1 Qualcomm | 74 Mdm9615, Mdm9615 Firmware, Mdm9625 and 71 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Possible Buffer overflow when transmitting an RTP packet in snapdragon automobile and snapdragon wear in versions MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 835, SD 845 / SD 850, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 | |||||
| CVE-2017-18303 | 1 Qualcomm | 52 Mdm9206, Mdm9206 Firmware, Mdm9607 and 49 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| While processing the sensors registry configuration file, if inputs are not validated a buffer overflow will occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MMDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SDA660, SDX20. | |||||
| CVE-2017-18295 | 1 Qualcomm | 38 Mdm9206, Mdm9206 Firmware, Mdm9607 and 35 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Possible buffer overflow if input is not null terminated in DSP Service module in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDX20. | |||||
| CVE-2017-18283 | 1 Qualcomm | 18 Qca9379, Qca9379 Firmware, Sd210 and 15 more | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
| Possible memory corruption when Read Val Blob Req is received with invalid parameters in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 625, SD 835, SD 845, SD 850, SDA660. | |||||
| CVE-2017-18269 | 2 Gnu, Linux | 2 Glibc, Linux Kernel | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution. | |||||
| CVE-2017-18243 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| The unpack_parse_unit function in libavcodec/dirac_parser.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault) via a crafted file. | |||||
| CVE-2017-18222 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In the Linux kernel before 4.12, Hisilicon Network Subsystem (HNS) does not consider the ETH_SS_PRIV_FLAGS case when retrieving sset_count data, which allows local users to cause a denial of service (buffer overflow and memory corruption) or possibly have unspecified other impact, as demonstrated by incompatibility between hns_get_sset_count and ethtool_get_strings. | |||||
| CVE-2017-18206 | 2 Canonical, Zsh | 2 Ubuntu Linux, Zsh | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In utils.c in zsh before 5.4, symlink expansion had a buffer overflow. | |||||
| CVE-2017-18193 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| fs/f2fs/extent_cache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service (BUG) via an application with multiple threads. | |||||
| CVE-2017-18171 | 1 Qualcomm | 50 Qca9379, Qca9379 Firmware, Sd 205 and 47 more | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| Improper input validation for GATT data packet received in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016. | |||||
| CVE-2017-18158 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Possible buffer overflows and array out of bounds accesses in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05 while flashing images. | |||||
| CVE-2017-18154 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A crafted binder request can cause an arbitrary unmap in MediaServer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | |||||