Total
2144 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-2831 | 1 Foscam | 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply send an HTTP request to the device to trigger this vulnerability. | |||||
CVE-2017-11015 | 1 Google | 1 Android | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently, the value of SIR_MAC_AUTH_CHALLENGE_LENGTH is set to 128 which may result in buffer overflow since the frame parser allows challenge text of length up to 253 bytes, but the driver can not handle challenge text larger than 128 bytes. | |||||
CVE-2017-11473 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table. | |||||
CVE-2017-11014 | 1 Google | 1 Android | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing a Measurement Request IE in a Roam Neighbor Action Report, a buffer overflow can occur. | |||||
CVE-2017-0176 | 1 Microsoft | 2 Windows Server 2003, Windows Xp | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined in a Windows domain and has Remote Desktop Protocol connectivity (or Terminal Services) enabled. | |||||
CVE-2017-0767 | 1 Google | 1 Android | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37536407. | |||||
CVE-2017-8278 | 1 Google | 1 Android | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
In all Qualcomm products with Android releases from CAF using the Linux kernel, while reading audio data from an unspecified driver, a buffer overflow or integer overflow could occur. | |||||
CVE-2017-12601 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmt_bmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case. | |||||
CVE-2017-11013 | 1 Google | 1 Android | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, countOffset (in function UnpackCore) is increased for each loop, while there is no boundary check against "pIe->arraybound". | |||||
CVE-2017-12137 | 3 Citrix, Debian, Xen | 3 Xenserver, Debian Linux, Xen | 2023-12-10 | 7.2 HIGH | 8.8 HIGH |
arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref. | |||||
CVE-2017-0296 | 1 Microsoft | 6 Windows 10, Windows 7, Windows 8.1 and 3 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to elevate privilege when tdx.sys fails to check the length of a buffer prior to copying memory to it, aka "Windows TDX Elevation of Privilege Vulnerability". | |||||
CVE-2017-15222 | 1 Nftp Project | 1 Nftp | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code. | |||||
CVE-2017-2830 | 1 Foscam | 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply send an HTTP request to the device to trigger this vulnerability. | |||||
CVE-2017-11003 | 1 Google | 1 Android | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating a firmware image, data is read from flash into RAM without checking that the data fits into allotted RAM size. | |||||
CVE-2015-7854 | 2 Netapp, Ntp | 6 Clustered Data Ontap, Data Ontap, Oncommand Balance and 3 more | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file. | |||||
CVE-2017-8259 | 1 Google | 1 Android | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
In the service locator in all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow can occur as the variable set for determining the size of the buffer is not used to indicate the size of the buffer. | |||||
CVE-2017-0782 | 1 Google | 1 Android | 2023-12-10 | 8.3 HIGH | 8.8 HIGH |
A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146237. | |||||
CVE-2015-7853 | 2 Netapp, Ntp | 6 Clustered Data Ontap, Data Ontap, Oncommand Balance and 3 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value. | |||||
CVE-2017-0438 | 2 Google, Linux | 2 Android, Linux Kernel | 2023-12-10 | 7.6 HIGH | 7.0 HIGH |
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32402604. References: QC-CR#1092497. | |||||
CVE-2016-9034 | 1 Joyent | 1 Smartos | 2023-12-10 | 6.9 MEDIUM | 7.0 HIGH |
An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with 32-bit file systems. An attacker can craft an input that can cause a buffer overflow in the nm variable leading to an out of bounds memory access and could result in potential privilege escalation. This vulnerability is distinct from CVE-2016-9032. |