Vulnerabilities (CVE)

Filtered by CWE-770
Total 1886 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-18258 1 Xmlsoft 1 Libxml2 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.
CVE-2017-18229 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allows attackers to cause a denial of service via a crafted file, because file size is not properly used to restrict scanline, strip, and tile allocations.
CVE-2017-18219 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a large png_pixels array allocation.
CVE-2017-18028 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2026-06-17 7.1 HIGH 6.5 MEDIUM
In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.
CVE-2017-15124 1 Qemu 1 Qemu 2026-06-17 7.8 HIGH 7.5 HIGH
VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VNC server allocates growing memory to hold onto this data. A malicious remote VNC client could use this flaw to cause DoS to the server host.
CVE-2017-14938 1 Gnu 1 Binutils 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
_bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file.
CVE-2017-14531 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2026-06-17 7.1 HIGH 6.5 MEDIUM
ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.
CVE-2017-14107 2 Debian, Libzip 2 Debian Linux, Libzip 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mishandles EOCD records, which allows remote attackers to cause a denial of service (memory allocation failure in _zip_cdir_grow in zip_dirent.c) via a crafted ZIP archive.
CVE-2017-13763 1 Onosproject 1 Onos 2026-06-17 5.0 MEDIUM 7.5 HIGH
ONOS versions 1.8.0, 1.9.0, and 1.10.0 do not restrict the amount of memory allocated. The Netty payload size is not limited.
CVE-2017-13716 1 Gnu 1 Binutils 2026-06-17 7.1 HIGH 5.5 MEDIUM
The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).
CVE-2017-13190 1 Google 1 Android 2026-06-17 7.8 HIGH 7.5 HIGH
A vulnerability in the Android media framework (libhevc) related to handling ps_codec_obj memory allocation failures. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68299873.
CVE-2017-13189 1 Google 1 Android 2026-06-17 7.8 HIGH 7.5 HIGH
A vulnerability in the Android media framework (libavc) related to handling dec_hdl memory allocation failures. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68300072.
CVE-2017-13133 1 Imagemagick 1 Imagemagick 2026-06-17 7.1 HIGH 6.5 MEDIUM
In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file.
CVE-2017-12944 1 Libtiff 1 Libtiff 2026-06-17 5.0 MEDIUM 7.5 HIGH
The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote attackers to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function in tif_dirread.c during a tiff2pdf invocation.
CVE-2017-12875 1 Imagemagick 1 Imagemagick 2026-06-17 7.1 HIGH 6.5 MEDIUM
The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (CPU consumption) via a crafted file.
CVE-2017-12693 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2026-06-17 7.1 HIGH 6.5 MEDIUM
The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file.
CVE-2017-12692 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2026-06-17 7.1 HIGH 6.5 MEDIUM
The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file.
CVE-2017-12691 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2026-06-17 7.1 HIGH 6.5 MEDIUM
The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
CVE-2017-12643 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2026-06-17 7.1 HIGH 6.5 MEDIUM
ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in coders\png.c.
CVE-2017-12563 1 Imagemagick 1 Imagemagick 2026-06-17 7.1 HIGH 6.5 MEDIUM
In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in the function ReadPSDImage in coders/psd.c, which allows attackers to cause a denial of service.