Total
7099 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-11367 | 1 Shoco Project | 1 Shoco | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The shoco_decompress function in the API in shoco through 2017-07-17 allows remote attackers to cause a denial of service (buffer over-read and application crash) via malformed compressed data. | |||||
| CVE-2017-12898 | 1 Tcpdump | 1 Tcpdump | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply(). | |||||
| CVE-2017-7244 | 1 Pcre | 1 Pcre | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file. | |||||
| CVE-2016-6163 | 1 Gnome | 1 Librsvg | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file. | |||||
| CVE-2017-12640 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.6-1 has an out-of-bounds read vulnerability in ReadOneMNGImage in coders/png.c. | |||||
| CVE-2017-15932 | 1 Radare | 1 Radare2 | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c via crafted ELF files when parsing the ELF version on 32bit systems. | |||||
| CVE-2016-10199 | 1 Gstreamer Project | 1 Gstreamer | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted tag value. | |||||
| CVE-2017-12996 | 1 Tcpdump | 1 Tcpdump | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print(). | |||||
| CVE-2017-5667 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-20 | 2.1 LOW | 6.5 MEDIUM |
| The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length. | |||||
| CVE-2017-6310 | 2 Debian, Tnef Project | 2 Debian Linux, Tnef | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in tnef before 1.4.13. Four type confusions have been identified in the file_add_mapi_attrs() function. These might lead to invalid read and write operations, controlled by an attacker. | |||||
| CVE-2016-7534 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file. | |||||
| CVE-2016-9810 | 1 Gstreamer | 1 Gstreamer | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gst_decode_chain_free_internal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via an invalid file, which triggers an incorrect unref call. | |||||
| CVE-2017-11661 | 1 Mindwerks | 1 Wildmidi | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The _WM_SetupMidiEvent function in internal_midi.c:2318 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file. | |||||
| CVE-2017-12445 | 1 Minidjvu Project | 1 Minidjvu | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| The JB2BitmapCoder::code_row_by_refinement function in jb2/bmpcoder.cpp in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file. | |||||
| CVE-2017-13755 | 2 Debian, Sleuthkit | 2 Debian Linux, The Sleuth Kit | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660_proc_dir() in tsk/fs/iso9660_dent.c in libtskfs.a, as demonstrated by fls. | |||||
| CVE-2017-6264 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in the NVIDIA GPU driver (gm20b_clk_throt_set_cdev_state), where an out of bound memory read is used as a function pointer could lead to code execution in the kernel.This issue is rated as high because it could allow a local malicious application to execute arbitrary code within the context of a privileged process. Product: Android. Version: N/A. Android ID: A-34705430. References: N-CVE-2017-6264. | |||||
| CVE-2016-9297 | 1 Libtiff | 1 Libtiff | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values. | |||||
| CVE-2017-14245 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2025-04-20 | 5.8 MEDIUM | 8.1 HIGH |
| An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. | |||||
| CVE-2017-3060 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Mac Os X, Chrome Os and 4 more | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-10171 | 1 Wavpack Project | 1 Wavpack | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The unreorder_channels function in cli/wvunpack.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. | |||||