Total
5678 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-16363 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2023-12-10 | 9.3 HIGH | 8.8 HIGH |
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer over-read in the module that handles character codes for certain textual representations. Invalid input leads to a computation where the pointer arithmetic results in a location outside valid memory locations belonging to the buffer. An attack can be used to obtain sensitive information, such as object heap addresses, etc. | |||||
CVE-2017-10928 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c. | |||||
CVE-2017-14633 | 3 Canonical, Debian, Xiph.org | 3 Ubuntu Linux, Debian Linux, Libvorbis | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis(). | |||||
CVE-2017-17818 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c. | |||||
CVE-2017-9221 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file. | |||||
CVE-2017-11434 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options string. | |||||
CVE-2017-12933 | 1 Php | 1 Php | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP. | |||||
CVE-2017-16406 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2023-12-10 | 9.3 HIGH | 8.8 HIGH |
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a type confusion vulnerability in the EMF processing module. The issue causes the program to access an object using an incompatible type, leading to an out of bounds memory access. Attackers can exploit the vulnerability by using the out of bounds access for unintended reads, writes, or frees -- potentially leading to code corruption, control-flow hijack, or information leak attack. | |||||
CVE-2017-14246 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2023-12-10 | 5.8 MEDIUM | 8.1 HIGH |
An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. | |||||
CVE-2017-11535 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage() function in coders/ps.c. | |||||
CVE-2017-13045 | 1 Tcpdump | 1 Tcpdump | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print(). | |||||
CVE-2017-16642 | 4 Canonical, Debian, Netapp and 1 more | 5 Ubuntu Linux, Debian Linux, Clustered Data Ontap and 2 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: this is a different issue than CVE-2017-11145. | |||||
CVE-2017-12895 | 1 Tcpdump | 1 Tcpdump | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print(). | |||||
CVE-2017-7520 | 1 Openvpn | 1 Openvpn | 2023-12-10 | 4.0 MEDIUM | 7.4 HIGH |
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or possibly sensitive memory leak triggered by man-in-the-middle attacker. | |||||
CVE-2018-5248 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function. | |||||
CVE-2017-11669 | 1 Eapmd5pass Project | 1 Eapmd5pass | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
An out-of-bounds read flaw related to the assess_packet function in eapmd5pass.c:211 was found in the way eapmd5pass 1.4 handled processing of network packets. A remote attacker could potentially use this flaw to crash the eapmd5pass process under certain circumstances by generating specially crafted network traffic. | |||||
CVE-2017-14129 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file. | |||||
CVE-2017-16412 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2023-12-10 | 9.3 HIGH | 8.8 HIGH |
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs because of a computation that reads data that is past the end of the target buffer; the computation is part of the XPS conversion module, when handling a JPEG resource. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure. | |||||
CVE-2017-14822 | 1 Foxitsoftware | 1 Foxit Reader | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the xOsiz member of SIZ markers. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-5014. | |||||
CVE-2017-11714 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the igc_reloc_struct_ptr function in psi/igc.c. |