Total
7185 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-12445 | 1 Minidjvu Project | 1 Minidjvu | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| The JB2BitmapCoder::code_row_by_refinement function in jb2/bmpcoder.cpp in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file. | |||||
| CVE-2017-13755 | 2 Debian, Sleuthkit | 2 Debian Linux, The Sleuth Kit | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660_proc_dir() in tsk/fs/iso9660_dent.c in libtskfs.a, as demonstrated by fls. | |||||
| CVE-2017-6264 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in the NVIDIA GPU driver (gm20b_clk_throt_set_cdev_state), where an out of bound memory read is used as a function pointer could lead to code execution in the kernel.This issue is rated as high because it could allow a local malicious application to execute arbitrary code within the context of a privileged process. Product: Android. Version: N/A. Android ID: A-34705430. References: N-CVE-2017-6264. | |||||
| CVE-2016-9297 | 1 Libtiff | 1 Libtiff | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values. | |||||
| CVE-2017-14245 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2025-04-20 | 5.8 MEDIUM | 8.1 HIGH |
| An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. | |||||
| CVE-2017-3060 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Mac Os X, Chrome Os and 4 more | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-10171 | 1 Wavpack Project | 1 Wavpack | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The unreorder_channels function in cli/wvunpack.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. | |||||
| CVE-2017-6829 | 1 Audiofile | 1 Audiofile | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||||
| CVE-2017-2981 | 1 Adobe | 1 Digital Editions | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2017-17506 | 1 Hdfgroup | 1 Hdf5 | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Opline_pline_decode in H5Opline.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file. | |||||
| CVE-2017-13019 | 1 Tcpdump | 1 Tcpdump | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). | |||||
| CVE-2017-5504 | 1 Jasper Project | 1 Jasper | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The jpc_undo_roi function in libjasper/jpc/jpc_dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image. | |||||
| CVE-2016-5035 | 1 Libdwarf Project | 1 Libdwarf | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| The _dwarf_read_line_table_header function in dwarf_line_table_reader.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | |||||
| CVE-2017-2409 | 1 Apple | 1 Mac Os X | 2025-04-20 | 5.8 MEDIUM | 7.1 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Menus" component. It allows attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted app. | |||||
| CVE-2017-9154 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the GET_COLOR function in color.c:16:11. | |||||
| CVE-2017-9611 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2017-11541 | 1 Tcpdump | 1 Tcpdump | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c. | |||||
| CVE-2017-12449 | 1 Gnu | 1 Binutils | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| The _bfd_vms_save_sized_string function in vms-misc.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms file. | |||||
| CVE-2017-16382 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2025-04-20 | 9.3 HIGH | 8.8 HIGH |
| An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of the image conversion module. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure. | |||||
| CVE-2017-13037 | 1 Tcpdump | 1 Tcpdump | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts(). | |||||