Total
8820 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-14926 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Content::Content in Annot.cc via a crafted PDF document. | |||||
CVE-2017-14632 | 3 Canonical, Debian, Xiph.org | 3 Ubuntu Linux, Debian Linux, Libvorbis | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184. | |||||
CVE-2017-14633 | 3 Canonical, Debian, Xiph.org | 3 Ubuntu Linux, Debian Linux, Libvorbis | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis(). | |||||
CVE-2017-16227 | 2 Debian, Quagga | 2 Debian Linux, Quagga | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The aspath_put function in bgpd/bgp_aspath.c in Quagga before 1.2.2 allows remote attackers to cause a denial of service (session drop) via BGP UPDATE messages, because AS_PATH size calculation for long paths counts certain bytes twice and consequently constructs an invalid message. | |||||
CVE-2018-5704 | 2 Debian, Openocd | 2 Debian Linux, Open On-chip Debugger | 2023-12-10 | 9.3 HIGH | 9.6 CRITICAL |
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site. | |||||
CVE-2017-11434 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options string. | |||||
CVE-2017-16804 | 2 Debian, Redmine | 2 Debian Linux, Redmine | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
In Redmine before 3.2.7 and 3.3.x before 3.3.4, the reminders function in app/models/mailer.rb does not check whether an issue is visible, which allows remote authenticated users to obtain sensitive information by reading e-mail reminder messages. | |||||
CVE-2017-14246 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2023-12-10 | 5.8 MEDIUM | 8.1 HIGH |
An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. | |||||
CVE-2017-8808 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 has XSS when the $wgShowExceptionDetails setting is false and the browser sends non-standard URL escaping. | |||||
CVE-2015-5194 | 6 Canonical, Debian, Fedoraproject and 3 more | 13 Ubuntu Linux, Debian Linux, Fedora and 10 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands. | |||||
CVE-2017-14064 | 4 Canonical, Debian, Redhat and 1 more | 9 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 6 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte, returning a pointer to a string of length zero, which is not the length stored in space_len. | |||||
CVE-2017-16642 | 4 Canonical, Debian, Netapp and 1 more | 5 Ubuntu Linux, Debian Linux, Clustered Data Ontap and 2 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: this is a different issue than CVE-2017-11145. | |||||
CVE-2018-5248 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function. | |||||
CVE-2017-17434 | 2 Debian, Samba | 2 Debian Linux, Rsync | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, does not check for fnamecmp filenames in the daemon_filter_list data structure (in the recv_files function in receiver.c) and also does not apply the sanitize_paths protection mechanism to pathnames found in "xname follows" strings (in the read_ndx_and_attrs function in rsync.c), which allows remote attackers to bypass intended access restrictions. | |||||
CVE-2017-12601 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmt_bmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case. | |||||
CVE-2017-14497 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel before 4.13 mishandles vnet headers, which might allow local users to cause a denial of service (buffer overflow, and disk and memory corruption) or possibly have unspecified other impact via crafted system calls. | |||||
CVE-2017-11714 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the igc_reloc_struct_ptr function in psi/igc.c. | |||||
CVE-2016-1252 | 2 Canonical, Debian | 3 Ubuntu Linux, Advanced Package Tool, Debian Linux | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable before 1.4~beta2, in Ubuntu 14.04 LTS before 1.0.1ubuntu2.17, in Ubuntu 16.04 LTS before 1.2.15ubuntu0.2, and in Ubuntu 16.10 before 1.3.2ubuntu0.1 allows man-in-the-middle attackers to bypass a repository-signing protection mechanism by leveraging improper error handling when validating InRelease file signatures. | |||||
CVE-2017-13687 | 2 Debian, Tcpdump | 2 Debian Linux, Tcpdump | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print(). | |||||
CVE-2017-13756 | 2 Debian, Sleuthkit | 2 Debian Linux, The Sleuth Kit | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
In The Sleuth Kit (TSK) 4.4.2, opening a crafted disk image triggers infinite recursion in dos_load_ext_table() in tsk/vs/dos.c in libtskvs.a, as demonstrated by mmls. |