Total
24574 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-9538 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer() because of a uint16 integer overflow. Reported as MSVR 35100. | |||||
CVE-2014-7921 | 1 Google | 1 Android | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7920. | |||||
CVE-2016-6143 | 1 Sap | 1 Hana | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors involving the audit logs, aka SAP Security Note 2170806. | |||||
CVE-2017-5648 | 1 Apache | 1 Tomcat | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object. When running an untrusted application under a SecurityManager, it was therefore possible for that untrusted application to retain a reference to the request or response object and thereby access and/or modify information associated with another web application. | |||||
CVE-2017-5482 | 1 Tcpdump | 1 Tcpdump | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575. | |||||
CVE-2017-6195 | 1 Ipswitch | 2 Moveit Dmz, Moveit Transfer 2017 | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Ipswitch MOVEit Transfer (formerly DMZ) allows pre-authentication blind SQL injection. The fixed versions are MOVEit Transfer 2017 9.0.0.201, MOVEit DMZ 8.3.0.30, and MOVEit DMZ 8.2.0.20. | |||||
CVE-2016-10253 | 1 Erlang | 1 Erlang\/otp | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the erts_alloc arena to be both read and written to. | |||||
CVE-2016-7934 | 1 Tcpdump | 1 Tcpdump | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print(). | |||||
CVE-2016-5841 | 2 Imagemagick, Oracle | 2 Imagemagick, Solaris | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable. | |||||
CVE-2016-6517 | 1 Liferay | 1 Liferay | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Directory traversal vulnerability in Liferay 5.1.0 allows remote attackers to have unspecified impact via a %2E%2E (encoded dot dot) in the minifierBundleDir parameter to barebone.jsp. | |||||
CVE-2016-8364 | 1 Ibhsoftec | 1 S7-softplc | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered in IBHsoftec S7-SoftPLC prior to 4.12b. Object memory can read a network packet that is larger than the space that is available, a Heap-based Buffer Overflow. | |||||
CVE-2016-9223 | 1 Cisco | 1 Cloudcenter Orchestrator | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
A vulnerability in the Docker Engine configuration of Cisco CloudCenter Orchestrator (CCO; formerly CliQr) could allow an unauthenticated, remote attacker to install Docker containers with high privileges on the affected system. Affected Products: This vulnerability affect all releases of Cisco CloudCenter Orchestrator (CCO) deployments where the Docker Engine TCP port 2375 is open on the system and bound to local address 0.0.0.0 (any interface). | |||||
CVE-2016-9288 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
In framework/modules/navigation/controllers/navigationController.php in Exponent CMS v2.4.0 or older, the parameter "target" of function "DragnDropReRank" is directly used without any filtration which caused SQL injection. The payload can be used like this: /navigation/DragnDropReRank/target/1. | |||||
CVE-2017-6890 | 1 Libraw | 1 Libraw-demosaic-pack-gpl2 | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A boundary error within the "foveon_load_camf()" function (dcraw_foveon.c) when initializing a huffman table in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a stack-based buffer overflow. | |||||
CVE-2016-8902 | 1 Dotcms | 1 Dotcms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
SQL injection vulnerability in the categoriesServlet servlet in dotCMS before 3.3.1 allows remote not authenticated attackers to execute arbitrary SQL commands via the sort parameter. | |||||
CVE-2016-8355 | 1 Smiths-medical | 1 Cadd-solis Medication Safety Software | 2023-12-10 | 9.0 HIGH | 9.9 CRITICAL |
An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0; 3.0; and 3.1. CADD-Solis Medication Safety Software grants an authenticated user elevated privileges on the SQL database, which would allow an authenticated user to modify drug libraries, add and delete users, and change user permissions. According to Smiths-Medical, physical access to the pump is required to install drug library updates. | |||||
CVE-2017-8303 | 1 Accellion | 1 File Transfer Appliance | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered on Accellion FTA devices before FTA_9_12_180. seos/1000/find.api allows Remote Code Execution with shell metacharacters in the method parameter. | |||||
CVE-2017-5674 | 1 Embedthis | 1 Goahead | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
A vulnerability in a custom-built GoAhead web server used on Foscam, Vstarcam, and multiple white-label IP camera models allows an attacker to craft a malformed HTTP ("GET system.ini HTTP/1.1\n\n" - note the lack of "/" in the path field of the request) request that will disclose the configuration file with the login password. | |||||
CVE-2017-5341 | 1 Tcpdump | 1 Tcpdump | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print(). | |||||
CVE-2017-9152 | 1 Autotrace Project | 1 Autotrace | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the pnm_load_raw function in input-pnm.c:346:41. |