Max CVSS 10.0 Min CVSS 1.2 Total Count1268
IDCVSSSummaryLast (major) updatePublished
CVE-2016-9604 None
It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass mod
11-07-2018 - 09:29 11-07-2018 - 09:29
CVE-2017-2615 None
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to
02-07-2018 - 21:29 02-07-2018 - 21:29
CVE-2017-5469 None
Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5468 None
An issue with incorrect ownership model of "privateBrowsing" information exposed through developer tools. This can result in a non-exploitable crash when manually triggered during debugging. This vulnerability affects Firefox < 53.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5467 None
A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5466 None
If a page is loaded from an original site through a hyperlink and contains a redirect to a "data:text/html" URL, triggering a reload will run the reloaded "data:text/html" page with its origin set incorrectly. This allows for a cross-site scripting (
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5465 None
An out-of-bounds read while processing SVG content in "ConvolvePixel". This results in a crash and also allows for otherwise inaccessible memory being copied into SVG graphic content, which could then displayed. This vulnerability affects Thunderbird
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5464 None
During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firef
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5462 None
A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5460 None
A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Fi
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5459 None
A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5458 None
When a "javascript:" URL is drag and dropped by a user into the addressbar, the URL will be processed and executed. This allows for users to be socially engineered to execute an XSS attack on themselves. This vulnerability affects Firefox < 53.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5456 None
A mechanism to bypass file system access protections in the sandbox using the file system request constructor through an IPC message. This allows for read and write access to the local file system. This vulnerability affects Firefox ESR < 52.1 and Fi
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5455 None
The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution inside the sandboxed process. This vulnerability aff
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5454 None
A mechanism to bypass file system access protections in the sandbox to use the file picker to access different files than those selected in the file picker through the use of relative paths. This allows for read only access to the local file system.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5453 None
A mechanism to inject static HTML into the RSS reader preview page due to a failure to escape characters sent as URL parameters for a feed's "TITLE" element. This vulnerability allows for spoofing but no scripted content can be run. This vulnerabilit
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5451 None
A mechanism to spoof the addressbar through the user interaction on the addressbar and the "onblur" event. The event could be used by script to affect text display to make the loaded site appear to be different from the one actually loaded within the
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5449 None
A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5448 None
An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Clearkey-encrypted media content. The "ClearKeyDecryptor" code runs within the Gecko Media Plugin (GMP) sandbox. If a second mechanism is found to escape the sandbox, this vulnerabil
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5447 None
An out-of-bounds read during the processing of glyph widths during text layout. This results in a potentially exploitable crash and could allow an attacker to read otherwise inaccessible memory. This vulnerability affects Thunderbird < 52.1, Firefox
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5446 None
An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Fi
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5445 None
A vulnerability while parsing "application/http-index-format" format content where uninitialized values are used to create an array. This could allow the reading of uninitialized memory into the arrays affected. This vulnerability affects Thunderbird
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5444 None
A buffer overflow vulnerability while parsing "application/http-index-format" format content when the header contains improperly formatted data. This allows for an out-of-bounds read of data from memory. This vulnerability affects Thunderbird < 52.1,
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5443 None
An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5442 None
A use-after-free vulnerability during changes in style when manipulating DOM elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5441 None
A use-after-free vulnerability when holding a selection during scroll events. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5440 None
A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. T
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5439 None
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 5
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5438 None
A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5436 None
An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affec
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5435 None
A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1,
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5434 None
A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5433 None
A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a potentially exploitable crash. This vulnerability affect
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5432 None
A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5430 None
Memory safety bugs were reported in Firefox 52, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulne
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5429 None
Memory safety bugs were reported in Firefox 52, Firefox ESR 45.8, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrar
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2016-7076 7.2
sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp() C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec
29-05-2018 - 09:29 29-05-2018 - 09:29
CVE-2016-9601 4.3
ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an
23-04-2018 - 21:29 23-04-2018 - 21:29
CVE-2018-2703 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacke
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2696 7.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows unauthenticated attack
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2668 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged at
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2667 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multipl
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2665 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged at
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2647 7.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with net
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2646 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple prot
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2645 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker w
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2640 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged at
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2622 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2612 7.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access v
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2600 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multipl
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2590 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker w
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2586 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple prot
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2583 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Stored Procedure). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with networ
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2576 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple prot
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2573 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: GIS). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network acce
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2565 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple p
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2562 7.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged a
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2014-3471 2.1
Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU instance crash) via hotplug and hotunplug operations of Virtio block devices.
12-01-2018 - 12:29 12-01-2018 - 12:29
CVE-2017-17841 4.3
Palo Alto Networks PAN-OS 6.1, 7.1, and 8.0.x before 8.0.7, when an interface implements SSL decryption with RSA enabled or hosts a GlobalProtect portal or gateway, might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenb
10-01-2018 - 13:29 10-01-2018 - 13:29
CVE-2017-16878 4.3
Cross-site scripting (XSS) vulnerability in the Captive Portal function in Palo Alto Networks PAN-OS before 8.0.7 allows remote attackers to inject arbitrary web script or HTML by leveraging an unspecified configuration.
10-01-2018 - 13:29 10-01-2018 - 13:29
CVE-2017-15941 4.3
Cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.7, when the GlobalProtect gateway or portal is configured, allows remote attackers to inject arbitrary
10-01-2018 - 13:29 10-01-2018 - 13:29
CVE-2018-4871 5.0
An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of the target buffer. The use of an invalid (out-of-range) pointer offset during
09-01-2018 - 16:29 09-01-2018 - 16:29
CVE-2015-2320 7.5
The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback.
08-01-2018 - 14:29 08-01-2018 - 14:29
CVE-2015-2319 5.0
The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204.
08-01-2018 - 14:29 08-01-2018 - 14:29
CVE-2015-2318 6.8
The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue.
08-01-2018 - 14:29 08-01-2018 - 14:29
CVE-2014-1859 2.1
(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file.
08-01-2018 - 14:29 08-01-2018 - 14:29
CVE-2014-1858 2.1
__init__.py in f2py in NumPy before 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file.
08-01-2018 - 14:29 08-01-2018 - 14:29
CVE-2018-5208 7.5
In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings.
06-01-2018 - 11:29 06-01-2018 - 11:29
CVE-2018-5207 5.0
When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string.
06-01-2018 - 11:29 06-01-2018 - 11:29
CVE-2018-5206 7.5
When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer.
06-01-2018 - 11:29 06-01-2018 - 11:29
CVE-2018-5205 5.0
When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string.
06-01-2018 - 11:29 06-01-2018 - 11:29
CVE-2018-5247 4.3
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.
05-01-2018 - 14:29 05-01-2018 - 14:29
CVE-2018-5246 4.3
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.
05-01-2018 - 14:29 05-01-2018 - 14:29
CVE-2017-18022 4.3
In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.
05-01-2018 - 14:29 05-01-2018 - 14:29
CVE-2017-5754 4.7
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
04-01-2018 - 08:29 04-01-2018 - 08:29
CVE-2017-5715 4.7
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
04-01-2018 - 08:29 04-01-2018 - 08:29
CVE-2017-1000476 7.1
ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.
03-01-2018 - 13:29 03-01-2018 - 13:29
CVE-2017-1000501 7.5
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.
03-01-2018 - 10:29 03-01-2018 - 10:29
CVE-2017-1000433 6.8
pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password.
02-01-2018 - 18:29 02-01-2018 - 18:29
CVE-2017-1000422 6.8
Gnome gdk-pixbuf 2.36.8 and older is vulnerable to several integer overflow in the gif_get_lzw function resulting in memory corruption and potential code execution
02-01-2018 - 15:29 02-01-2018 - 15:29
CVE-2017-1000456 4.3
freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations.
02-01-2018 - 13:29 02-01-2018 - 13:29
CVE-2017-1000445 4.3
ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service
02-01-2018 - 10:29 02-01-2018 - 10:29
CVE-2015-8008 5.0
The OAuth extension for MediaWiki improperly negotiates a new client token only over Special:OAuth/initiate, which allows attackers to bypass intended IP address access restrictions by making an API request with an existing token.
29-12-2017 - 17:29 29-12-2017 - 17:29
CVE-2014-8119 5.0
The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions.
29-12-2017 - 17:29 29-12-2017 - 17:29
CVE-2014-4978 3.6
The rs_filter_graph function in librawstudio/rs-filter.c in rawstudio might allow local users to truncate arbitrary files via a symlink attack on (1) /tmp/rs-filter-graph.png or (2) /tmp/rs-filter-graph.
29-12-2017 - 17:29 29-12-2017 - 17:29
CVE-2014-4914 7.5
The Zend_Db_Select::order function in Zend Framework before 1.12.7 does not properly handle parentheses, which allows remote attackers to conduct SQL injection attacks via unspecified vectors.
29-12-2017 - 09:29 29-12-2017 - 09:29
CVE-2017-7156 6.8
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves
27-12-2017 - 12:08 27-12-2017 - 12:08
CVE-2017-17882 4.3
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted XPM image file.
27-12-2017 - 12:08 27-12-2017 - 12:08
CVE-2017-17881 4.3
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted MAT image file.
27-12-2017 - 12:08 27-12-2017 - 12:08
CVE-2017-17864 2.1
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer l
27-12-2017 - 12:08 27-12-2017 - 12:08
CVE-2017-17863 7.2
kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not check the relationship between pointer values and the BPF stack, which allows local users to cause a denial of service (integer overflow or invalid memory access) or possibly hav
27-12-2017 - 12:08 27-12-2017 - 12:08
CVE-2017-17862 4.9
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users
27-12-2017 - 12:08 27-12-2017 - 12:08
CVE-2017-16995 7.2
The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension.
27-12-2017 - 12:08 27-12-2017 - 12:08
CVE-2017-13870 6.8
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves
25-12-2017 - 16:29 25-12-2017 - 16:29
CVE-2017-13866 6.8
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves
25-12-2017 - 16:29 25-12-2017 - 16:29
CVE-2017-13856 6.8
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves
25-12-2017 - 16:29 25-12-2017 - 16:29
CVE-2017-17807 2.1
The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding a key to the current task's "default request-key keyring" via the request_key() system call, allowing a local user to use a sequence of crafted system ca
20-12-2017 - 18:29 20-12-2017 - 18:29
CVE-2017-17806 7.2
The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HAS
20-12-2017 - 18:29 20-12-2017 - 18:29
CVE-2017-17805 7.2
The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service
20-12-2017 - 18:29 20-12-2017 - 18:29
CVE-2017-17790 7.5
The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-201
20-12-2017 - 04:29 20-12-2017 - 04:29
CVE-2017-17789 6.8
In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.
20-12-2017 - 04:29 20-12-2017 - 04:29
CVE-2017-17788 6.8
In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string.
20-12-2017 - 04:29 20-12-2017 - 04:29
CVE-2017-17787 6.8
In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c.
20-12-2017 - 04:29 20-12-2017 - 04:29
CVE-2017-17786 6.8
In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image.
20-12-2017 - 04:29 20-12-2017 - 04:29
CVE-2017-17785 6.8
In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.
20-12-2017 - 04:29 20-12-2017 - 04:29
CVE-2017-17784 6.8
In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data.
20-12-2017 - 04:29 20-12-2017 - 04:29
CVE-2017-17741 2.1
The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h.
18-12-2017 - 03:29 18-12-2017 - 03:29
CVE-2017-17405 9.3
Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernel#open to open a local file. If the localfile argument starts with the "|" pipe character, the command followi
15-12-2017 - 04:29 15-12-2017 - 04:29
CVE-2017-17680 4.3
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file.
14-12-2017 - 01:29 14-12-2017 - 01:29
CVE-2017-11305 5.0
A regression affecting Adobe Flash Player version 27.0.0.187 (and earlier versions) causes the unintended reset of the global settings preference file when a user clears browser data.
13-12-2017 - 16:29 13-12-2017 - 16:29
CVE-2017-17558 7.2
The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allow
12-12-2017 - 10:29 12-12-2017 - 10:29
CVE-2017-1000407 6.1
The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
11-12-2017 - 16:29 11-12-2017 - 16:29
CVE-2017-1000410 5.0
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned
07-12-2017 - 14:29 07-12-2017 - 14:29
CVE-2017-17450 4.6
net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data s
06-12-2017 - 19:29 06-12-2017 - 19:29
CVE-2017-17449 1.9
The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does not restrict observations of Netlink messages to a single net namespace, which allows local users to obtain sens
06-12-2017 - 19:29 06-12-2017 - 19:29
CVE-2017-17448 4.6
net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnl_cthelper_list data
06-12-2017 - 19:29 06-12-2017 - 19:29
CVE-2017-17434 7.5
The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, does not check for fnamecmp filenames in the daemon_filter_list data structure (in the recv_files function in receiver.c) and also does not apply the sanitize_paths protection mechan
05-12-2017 - 22:29 05-12-2017 - 22:29
CVE-2017-17433 7.5
The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with certain file metadata updates before checking for a filename in the daemon_filter_list data structure, which allows remote atta
05-12-2017 - 22:29 05-12-2017 - 22:29
CVE-2017-15868 7.2
The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application.
05-12-2017 - 18:29 05-12-2017 - 18:29
CVE-2016-1255 7.2
The pg_ctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, in Ubuntu 14.04 LTS before 154ubuntu1.1, in Ubuntu 1
05-12-2017 - 11:29 05-12-2017 - 11:29
CVE-2016-1252 4.3
The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable before 1.4~beta2, in Ubuntu 14.04 LTS before 1.0.1ubuntu2.17, in Ubuntu 16.04 LTS before 1.2.15ubuntu0.2, and in Ubuntu 16.10 before 1.3.2ubuntu0.1 allows man-in-the-middle attacke
05-12-2017 - 11:29 05-12-2017 - 11:29
CVE-2017-8824 7.2
The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.
05-12-2017 - 04:29 05-12-2017 - 04:29
CVE-2017-16612 5.0
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcur
01-12-2017 - 12:29 01-12-2017 - 12:29
CVE-2017-16611 2.1
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.
01-12-2017 - 12:29 01-12-2017 - 12:29
CVE-2017-17085 5.0
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length.
01-12-2017 - 03:29 01-12-2017 - 03:29
CVE-2017-17084 5.0
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length.
01-12-2017 - 03:29 01-12-2017 - 03:29
CVE-2017-17083 5.0
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer.
01-12-2017 - 03:29 01-12-2017 - 03:29
CVE-2017-1000405 6.9
The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario br
30-11-2017 - 17:29 30-11-2017 - 17:29
CVE-2017-8817 7.5
The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.
29-11-2017 - 13:29 29-11-2017 - 13:29
CVE-2017-8816 7.5
The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via
29-11-2017 - 13:29 29-11-2017 - 13:29
CVE-2017-1000159 4.6
Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.
27-11-2017 - 10:29 27-11-2017 - 10:29
CVE-2017-16944 5.0
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service (infinite loop and stack exhaustion) via vectors involving BDAT commands and an improper check for a '.' character sig
25-11-2017 - 12:29 25-11-2017 - 12:29
CVE-2017-16943 7.5
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands.
25-11-2017 - 12:29 25-11-2017 - 12:29
CVE-2017-16939 7.2
The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM
24-11-2017 - 05:29 24-11-2017 - 05:29
CVE-2017-16932 5.0
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
23-11-2017 - 16:29 23-11-2017 - 16:29
CVE-2017-12193 4.9
The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application
22-11-2017 - 13:29 22-11-2017 - 13:29
CVE-2017-12190 4.9
The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them int
22-11-2017 - 13:29 22-11-2017 - 13:29
CVE-2017-3157 4.3
By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections
20-11-2017 - 15:29 20-11-2017 - 15:29
CVE-2017-12608 6.8
A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resu
20-11-2017 - 15:29 20-11-2017 - 15:29
CVE-2017-12607 6.8
A vulnerability in OpenOffice's PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary c
20-11-2017 - 14:29 20-11-2017 - 14:29
CVE-2017-1000229 6.8
Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an attacker to remotely execute code or cause denial of service.
17-11-2017 - 00:29 17-11-2017 - 00:29
CVE-2017-1000158 7.5
CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)
17-11-2017 - 00:29 17-11-2017 - 00:29
CVE-2017-1000232 7.5
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.
16-11-2017 - 23:29 16-11-2017 - 23:29
CVE-2017-1000231 7.5
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors.
16-11-2017 - 23:29 16-11-2017 - 23:29
CVE-2017-16844 10.0
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcode
16-11-2017 - 10:29 16-11-2017 - 10:29
CVE-2017-15115 7.2
The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possi
15-11-2017 - 16:29 15-11-2017 - 16:29
CVE-2016-8610 5.0
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL ser
13-11-2017 - 17:29 13-11-2017 - 17:29
CVE-2017-8806 3.6
The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL (and other packages related to Debian and Ubuntu), handled symbolic links insecurely, w
13-11-2017 - 04:29 13-11-2017 - 04:29
CVE-2017-13803 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13802 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13798 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13796 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13795 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13794 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13793 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13792 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13791 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13788 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13785 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13784 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13783 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-16649 7.2
The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted US
07-11-2017 - 18:29 07-11-2017 - 18:29
CVE-2017-16643 7.2
The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted U
07-11-2017 - 18:29 07-11-2017 - 18:29
CVE-2017-16642 5.0
In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the in
07-11-2017 - 16:29 07-11-2017 - 16:29
CVE-2017-15306 4.9
The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a KVM_CHECK_EXTENSION KVM_CAP_PPC_HTM ioctl cal
06-11-2017 - 13:29 06-11-2017 - 13:29
CVE-2015-7529 4.6
sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$host
06-11-2017 - 12:29 06-11-2017 - 12:29
CVE-2017-16548 7.5
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash)
06-11-2017 - 00:29 06-11-2017 - 00:29
CVE-2017-16538 7.2
drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a mi
03-11-2017 - 21:29 03-11-2017 - 21:29
CVE-2017-16537 7.2
The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
03-11-2017 - 21:29 03-11-2017 - 21:29
CVE-2017-16536 7.2
The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via
03-11-2017 - 21:29 03-11-2017 - 21:29
CVE-2017-16535 7.2
The usb_get_bos_descriptor function in drivers/usb/core/config.c in the Linux kernel before 4.13.10 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB devi
03-11-2017 - 21:29 03-11-2017 - 21:29
CVE-2017-16534 7.2
The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device
03-11-2017 - 21:29 03-11-2017 - 21:29
CVE-2017-16533 7.2
The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
03-11-2017 - 21:29 03-11-2017 - 21:29
CVE-2017-16532 7.2
The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB devic
03-11-2017 - 21:29 03-11-2017 - 21:29
CVE-2017-16531 7.2
drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to the USB_DT_INTERFACE_ASSO
03-11-2017 - 21:29 03-11-2017 - 21:29
CVE-2017-16530 7.2
The uas driver in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to drivers/usb/storage/uas-detect.h and
03-11-2017 - 21:29 03-11-2017 - 21:29
CVE-2017-16529 7.2
The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
03-11-2017 - 21:29 03-11-2017 - 21:29
CVE-2017-16527 7.2
sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.
03-11-2017 - 21:29 03-11-2017 - 21:29
CVE-2017-16526 7.2
drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device.
03-11-2017 - 21:29 03-11-2017 - 21:29
CVE-2017-16525 7.2
The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB
03-11-2017 - 21:29 03-11-2017 - 21:29
CVE-2017-3736 4.0
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very
02-11-2017 - 13:29 02-11-2017 - 13:29
CVE-2017-1000257 6.4
An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. l
31-10-2017 - 17:29 31-10-2017 - 17:29
CVE-2017-1000255 6.6
On Linux running on PowerPC hardware (Power8 or later) a user process can craft a signal frame and then do a sigreturn so that the kernel will take an exception (interrupt), and use the r1 value *from the signal frame* as the kernel stack pointer. As
30-10-2017 - 16:29 30-10-2017 - 16:29
CVE-2017-15951 7.2
The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly hav
27-10-2017 - 22:29 27-10-2017 - 22:29
CVE-2017-13090 9.3
The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative
27-10-2017 - 15:29 27-10-2017 - 15:29
CVE-2017-13089 9.3
The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the
27-10-2017 - 15:29 27-10-2017 - 15:29
CVE-2017-15908 5.0
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected ser
26-10-2017 - 10:29 26-10-2017 - 10:29
CVE-2016-10516 4.3
Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used in Pallets Flask and other products) allows remote attackers to inject arbitrary web script or HTML v
23-10-2017 - 12:29 23-10-2017 - 12:29
CVE-2017-7120 6.8
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKi
22-10-2017 - 21:29 22-10-2017 - 21:29
CVE-2017-7117 6.8
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKi
22-10-2017 - 21:29 22-10-2017 - 21:29
CVE-2017-7111 6.8
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKi
22-10-2017 - 21:29 22-10-2017 - 21:29
CVE-2017-7109 4.3
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKi
22-10-2017 - 21:29 22-10-2017 - 21:29
CVE-2017-7107 6.8
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKi
22-10-2017 - 21:29 22-10-2017 - 21:29
CVE-2017-7104 6.8
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKi
22-10-2017 - 21:29 22-10-2017 - 21:29
CVE-2017-7102 6.8
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKi
22-10-2017 - 21:29 22-10-2017 - 21:29
CVE-2017-7100 6.8
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKi
22-10-2017 - 21:29 22-10-2017 - 21:29
CVE-2017-7098 6.8
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKi
22-10-2017 - 21:29 22-10-2017 - 21:29
CVE-2017-7096 6.8
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKi
22-10-2017 - 21:29 22-10-2017 - 21:29
CVE-2017-7095 6.8
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKi
22-10-2017 - 21:29 22-10-2017 - 21:29
CVE-2017-7093 6.8
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKi
22-10-2017 - 21:29 22-10-2017 - 21:29
CVE-2017-7092 6.8
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKi
22-10-2017 - 21:29 22-10-2017 - 21:29
CVE-2017-7091 6.8
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKi
22-10-2017 - 21:29 22-10-2017 - 21:29
CVE-2017-7090 5.0
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKi
22-10-2017 - 21:29 22-10-2017 - 21:29
CVE-2017-7089 4.3
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS
22-10-2017 - 21:29 22-10-2017 - 21:29
CVE-2017-7087 6.8
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKi
22-10-2017 - 21:29 22-10-2017 - 21:29
CVE-2017-15723 5.0
In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message.
22-10-2017 - 16:29 22-10-2017 - 16:29
CVE-2017-15722 5.0
In certain cases, Irssi before 1.0.5 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string.
22-10-2017 - 16:29 22-10-2017 - 16:29
CVE-2017-15721 5.0
In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. This is a separate, but similar, issue relative to CVE-2017-9468.
22-10-2017 - 16:29 22-10-2017 - 16:29
CVE-2017-15228 5.0
Irssi before 1.0.5, when installing themes with unterminated colour formatting sequences, may access data beyond the end of the string.
22-10-2017 - 16:29 22-10-2017 - 16:29
CVE-2017-15227 5.0
Irssi before 1.0.5, while waiting for the channel synchronisation, may incorrectly fail to remove destroyed channels from the query list, resulting in use-after-free conditions when updating the state later on.
22-10-2017 - 16:29 22-10-2017 - 16:29
CVE-2015-5177 5.0
Double free vulnerability in the SLPDKnownDAAdd function in slpd/slpd_knownda.c in OpenSLP 1.2.1 allows remote attackers to cause a denial of service (crash) via a crafted package.
22-10-2017 - 14:29 22-10-2017 - 14:29
CVE-2017-15649 4.6
net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) t
19-10-2017 - 18:29 19-10-2017 - 18:29
CVE-2017-10388 5.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Difficult to exploit vulnerability allows unau
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10384 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacke
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10379 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privilege
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10378 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privile
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10357 5.0
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows un
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10356 2.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10355 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitabl
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10350 5.0
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10349 5.0
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthentic
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10348 5.0
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauth
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10347 5.0
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthentic
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10346 6.8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthen
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10345 2.6
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to e
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10320 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10314 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with n
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10313 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via m
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10311 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pr
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10295 4.3
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to expl
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10294 1.7
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with n
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10293 5.8
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HT
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10286 3.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with ne
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10285 6.8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthentica
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10283 3.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows low privileged attac
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10281 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploit
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10276 5.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10274 4.0
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Difficult to exploit vulnerability allows unauthenticated attacker with network acces
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10268 1.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high pr
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10227 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with n
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10197 2.1
Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Folios). The supported version that is affected is 5.4.2.x through 5.5.1.x. Easily exploitable vulnerability allows physical
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10167 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multip
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10165 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via mul
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10155 5.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows unauthenticated attacker w
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2015-5740 7.5
The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request with two Content-length headers.
18-10-2017 - 16:29 18-10-2017 - 16:29
CVE-2015-5739 7.5
The net/http library in net/textproto/reader.go in Go before 1.4.3 does not properly parse HTTP header keys, which allows remote attackers to conduct HTTP request smuggling attacks via a space instead of a hyphen, as demonstrated by "Content Length"
18-10-2017 - 16:29 18-10-2017 - 16:29
CVE-2015-7943 5.8
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and
18-10-2017 - 14:29 18-10-2017 - 14:29
CVE-2015-2156 4.3
Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by
18-10-2017 - 11:29 18-10-2017 - 11:29
CVE-2017-15596 4.9
An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an add-to-physmap error.
18-10-2017 - 04:29 18-10-2017 - 04:29
CVE-2017-15565 6.8
In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document.
17-10-2017 - 18:29 17-10-2017 - 18:29
CVE-2017-15537 2.1
The x86/fpu (Floating Point Unit) subsystem in the Linux kernel before 4.13.5, when a processor supports the xsave feature but not the xsaves feature, does not correctly handle attempts to set reserved bits in the xstate header via the ptrace() or rt
17-10-2017 - 14:29 17-10-2017 - 14:29
CVE-2014-2277 3.6
The make_temporary_filename function in perltidy 20120701-1 and earlier allows local users to obtain sensitive information or write to arbitrary files via a symlink attack, related to use of the tmpnam function.
17-10-2017 - 11:29 17-10-2017 - 11:29
CVE-2014-8324 5.0
network.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter.
17-10-2017 - 10:29 17-10-2017 - 10:29
CVE-2014-8323 5.0
buddy-ng.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter.
17-10-2017 - 10:29 17-10-2017 - 10:29
CVE-2017-13088 2.9
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to repl
17-10-2017 - 09:29 17-10-2017 - 09:29
CVE-2017-13087 2.9
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames f
17-10-2017 - 09:29 17-10-2017 - 09:29
CVE-2017-13086 5.4
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
17-10-2017 - 09:29 17-10-2017 - 09:29
CVE-2017-13082 5.8
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt,
17-10-2017 - 09:29 17-10-2017 - 09:29
CVE-2017-13081 2.9
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
17-10-2017 - 09:29 17-10-2017 - 09:29
CVE-2017-13080 2.9
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
17-10-2017 - 09:29 17-10-2017 - 09:29
CVE-2017-13079 2.9
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
17-10-2017 - 09:29 17-10-2017 - 09:29
CVE-2017-13078 2.9
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
17-10-2017 - 09:29 17-10-2017 - 09:29
CVE-2017-13077 5.4
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
16-10-2017 - 22:29 16-10-2017 - 22:29
CVE-2017-15265 6.9
Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clie
16-10-2017 - 14:29 16-10-2017 - 14:29
CVE-2015-7687 7.5
Use-after-free vulnerability in OpenSMTPD before 5.7.2 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving req_ca_vrfy_smtp and req_ca_vrfy_mta.
16-10-2017 - 14:29 16-10-2017 - 14:29
CVE-2017-14952 7.5
Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue.
16-10-2017 - 12:29 16-10-2017 - 12:29
CVE-2016-8734 4.0
Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessi
16-10-2017 - 09:29 16-10-2017 - 09:29
CVE-2017-15299 4.9
The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have un
14-10-2017 - 19:29 14-10-2017 - 19:29
CVE-2017-12629 7.5
Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is N
14-10-2017 - 19:29 14-10-2017 - 19:29
CVE-2017-15281 6.8
ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised v
12-10-2017 - 04:29 12-10-2017 - 04:29
CVE-2017-15277 4.3
ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process
12-10-2017 - 04:29 12-10-2017 - 04:29
CVE-2017-12192 4.9
The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial
11-10-2017 - 20:29 11-10-2017 - 20:29
CVE-2017-13722 3.6
In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclos
11-10-2017 - 13:29 11-10-2017 - 13:29
CVE-2017-13720 3.6
In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash
11-10-2017 - 13:29 11-10-2017 - 13:29
CVE-2017-12188 6.9
arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS
11-10-2017 - 11:29 11-10-2017 - 11:29
CVE-2017-15193 7.8
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach.
10-10-2017 - 17:29 10-10-2017 - 17:29
CVE-2017-15192 5.0
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have the same encapsulation level.
10-10-2017 - 17:29 10-10-2017 - 17:29
CVE-2017-15191 5.0
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length.
10-10-2017 - 17:29 10-10-2017 - 17:29
CVE-2014-9092 4.3
libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.
10-10-2017 - 09:29 10-10-2017 - 09:29
CVE-2017-13723 4.6
In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atom
09-10-2017 - 21:30 09-10-2017 - 21:30
CVE-2017-13721 1.9
In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session
09-10-2017 - 21:30 09-10-2017 - 21:30
CVE-2014-9474 7.5
Buffer overflow in the mpfr_strtofr function in GNU MPFR before 3.1.2-p11 allows context-dependent attackers to have unspecified impact via vectors related to incorrect documentation for mpn_set_str.
09-10-2017 - 21:30 09-10-2017 - 21:30
CVE-2015-0296 1.2
The pre-install script in texlive 3.1.20140525_r34255.fc21 as packaged in Fedora 21 and rpm, and texlive 6.20131226_r32488.fc20 and rpm allows local users to delete arbitrary files via a crafted file in the user's home directory.
06-10-2017 - 18:29 06-10-2017 - 18:29
CVE-2017-1000117 6.8
A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Such a URL could be placed in the .gitmodules file of
04-10-2017 - 21:29 04-10-2017 - 21:29
CVE-2017-1000112 6.9
Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from
04-10-2017 - 21:29 04-10-2017 - 21:29
CVE-2017-1000111 7.2
Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_
04-10-2017 - 21:29 04-10-2017 - 21:29
CVE-2017-14991 2.1
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0.
03-10-2017 - 21:29 03-10-2017 - 21:29
CVE-2017-14491 7.5
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
03-10-2017 - 21:29 03-10-2017 - 21:29
CVE-2017-14496 7.8
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
02-10-2017 - 21:29 02-10-2017 - 21:29
CVE-2017-14495 5.0
Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.
02-10-2017 - 21:29 02-10-2017 - 21:29
CVE-2017-14494 4.3
dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.
02-10-2017 - 21:29 02-10-2017 - 21:29
CVE-2017-14493 7.5
Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.
02-10-2017 - 21:29 02-10-2017 - 21:29
CVE-2017-14492 7.5
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.
02-10-2017 - 21:29 02-10-2017 - 21:29
CVE-2017-14977 5.0
The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack.
01-10-2017 - 21:29 01-10-2017 - 21:29
CVE-2017-14976 5.0
The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bounds font dictionary index is encountered, which allows an attacker to launch a denial of service attack.
01-10-2017 - 21:29 01-10-2017 - 21:29
CVE-2017-14975 5.0
The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows an attacker to launch a denial of service attack.
01-10-2017 - 21:29 01-10-2017 - 21:29
CVE-2017-14954 2.1
The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users to obtain sensitive information, and bypass the KASLR protection mechanism, via a crafted syst
01-10-2017 - 21:29 01-10-2017 - 21:29
CVE-2017-14867 9.0
Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Perl scripts to support subcommands such as cvsserver, which allows attackers to execute arbitrary OS commands via shell metacha
28-09-2017 - 21:34 28-09-2017 - 21:34
CVE-2015-3248 4.7
openhpi/Makefile.am in OpenHPI before 3.6.0 uses world-writable permissions for /var/lib/openhpi directory, which allows local users, when quotas are not properly setup, to fill the filesystem hosting /var/lib and cause a denial of service (disk cons
26-09-2017 - 11:29 26-09-2017 - 11:29
CVE-2015-5070 3.5
The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.4 and 1.13.x before 1.13.1, when a case-insensitive filesystem is used, allow remote attackers to
26-09-2017 - 10:29 26-09-2017 - 10:29
CVE-2015-5069 4.0
The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.3 and 1.13.x before 1.13.1 allow remote attackers to obtain sensitive information via vectors rel
26-09-2017 - 10:29 26-09-2017 - 10:29
CVE-2017-12154 3.6
The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allow
26-09-2017 - 01:29 26-09-2017 - 01:29
CVE-2017-1000252 2.1
The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c.
26-09-2017 - 01:29 26-09-2017 - 01:29
CVE-2015-5704 7.2
scripts/licensecheck.pl in devscripts before 2.15.7 allows local users to execute arbitrary shell commands.
25-09-2017 - 17:29 25-09-2017 - 17:29
CVE-2017-6272 7.2
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to a denial of service or possible escalati
22-09-2017 - 13:29 22-09-2017 - 13:29
CVE-2017-6267 4.9
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect initialization of internal objects can cause an infinite loop which may lead to a denial of service.
22-09-2017 - 13:29 22-09-2017 - 13:29
CVE-2017-6266 4.9
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where improper access controls could allow unprivileged users to cause a denial of service.
22-09-2017 - 13:29 22-09-2017 - 13:29
CVE-2017-12153 6.8
A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be i
21-09-2017 - 11:29 21-09-2017 - 11:29
CVE-2017-14633 4.3
In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis().
21-09-2017 - 03:29 21-09-2017 - 03:29
CVE-2017-14632 7.5
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.
21-09-2017 - 03:29 21-09-2017 - 03:29
CVE-2017-14608 6.4
In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an a
20-09-2017 - 13:29 20-09-2017 - 13:29
CVE-2015-5607 6.8
Cross-site request forgery in the REST API in IPython 2 and 3.
20-09-2017 - 12:29 20-09-2017 - 12:29
CVE-2017-12883 6.4
Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular exp
19-09-2017 - 14:29 19-09-2017 - 14:29
CVE-2017-12837 5.0
Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a '\N{}' escape and th
19-09-2017 - 14:29 19-09-2017 - 14:29
CVE-2017-14033 5.0
The decode method in the OpenSSL::ASN1 module in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows attackers to cause a denial of service (interpreter crash) via a crafted string.
19-09-2017 - 13:29 19-09-2017 - 13:29
CVE-2017-10784 9.3
The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted
19-09-2017 - 13:29 19-09-2017 - 13:29
CVE-2015-7837 2.1
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secur
19-09-2017 - 12:29 19-09-2017 - 12:29
CVE-2015-3420 4.3
The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 is disabled, allow remote attackers to cause a denial of service (login process crash) via vectors related to handshake failures.
19-09-2017 - 11:29 19-09-2017 - 11:29
CVE-2015-1854 5.0
389 Directory Server before 1.3.3.10 allows attackers to bypass intended access restrictions and modify directory entries via a crafted ldapmodrdn call.
19-09-2017 - 11:29 19-09-2017 - 11:29
CVE-2017-9798 5.0
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2
18-09-2017 - 11:29 18-09-2017 - 11:29
CVE-2017-14533 4.3
ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.
17-09-2017 - 21:29 17-09-2017 - 21:29
CVE-2017-14520 6.8
In Poppler 0.59.0, a floating point exception occurs in Splash::scaleImageYuXd() in Splash.cc, which may lead to a potential attack when handling malicious PDF files.
17-09-2017 - 19:29 17-09-2017 - 19:29
CVE-2017-14519 5.0
In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opShowText, and Gfx::doShowText calls (aka a Gfx.cc infinite loop).
17-09-2017 - 19:29 17-09-2017 - 19:29
CVE-2017-14518 6.8
In Poppler 0.59.0, a floating point exception exists in the isImageInterpolationRequired() function in Splash.cc via a crafted PDF document.
17-09-2017 - 19:29 17-09-2017 - 19:29
CVE-2017-14517 4.3
In Poppler 0.59.0, a NULL Pointer Dereference exists in the XRef::parseEntry() function in XRef.cc via a crafted PDF document.
17-09-2017 - 19:29 17-09-2017 - 19:29
CVE-2017-0898 6.4
Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information discl
15-09-2017 - 15:29 15-09-2017 - 15:29
CVE-2017-14340 4.9
The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors rel
15-09-2017 - 07:29 15-09-2017 - 07:29
CVE-2017-14489 4.9
The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.
15-09-2017 - 06:29 15-09-2017 - 06:29
CVE-2017-13725 7.5
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13690 7.5
The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13689 7.5
The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13688 7.5
The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13687 7.5
The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13055 7.5
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13054 7.5
The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13053 7.5
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13052 7.5
The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13051 7.5
The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13050 7.5
The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13049 7.5
The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13048 7.5
The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13047 7.5
The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13046 7.5
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13045 7.5
The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13044 7.5
The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13043 7.5
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13042 7.5
The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13041 7.5
The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13040 7.5
The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13039 7.5
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13038 7.5
The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13037 7.5
The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13036 7.5
The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13035 7.5
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13034 7.5
The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13033 7.5
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13032 7.5
The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13031 7.5
The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13030 7.5
The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13029 7.5
The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13028 7.5
The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13027 7.5
The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13026 7.5
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions.
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13025 7.5
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13024 7.5
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13023 7.5
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13022 7.5
The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13021 7.5
The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13020 7.5
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13019 7.5
The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13018 7.5
The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13017 7.5
The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13016 7.5
The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13015 7.5
The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13014 7.5
The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions.
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13013 7.5
The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13012 7.5
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13011 7.5
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer overflow in util-print.c:bittok2str_internal().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13010 7.5
The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13009 7.5
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13008 7.5
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13007 7.5
The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13006 7.5
The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13005 7.5
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13004 7.5
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13003 7.5
The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13002 7.5
The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13001 7.5
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-13000 7.5
The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12999 7.5
The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12998 7.5
The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_extd_ip_reach().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12997 5.0
The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12996 7.5
The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12995 5.0
The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12994 7.5
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12993 7.5
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions.
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12992 7.5
The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12991 7.5
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12990 5.0
The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions.
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12989 5.0
The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12988 7.5
The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12987 7.5
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12986 7.5
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12985 7.5
The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12902 7.5
The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12901 7.5
The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12900 7.5
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12899 7.5
The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12898 7.5
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12897 7.5
The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12896 7.5
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12895 7.5
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12894 7.5
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-12893 7.5
The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().
14-09-2017 - 02:29 14-09-2017 - 02:29
CVE-2017-14348 6.8
LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file.
12-09-2017 - 15:29 12-09-2017 - 15:29
CVE-2017-14343 4.3
ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file.
12-09-2017 - 13:29 12-09-2017 - 13:29
CVE-2017-1000251 8.3
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remot
12-09-2017 - 13:29 12-09-2017 - 13:29
CVE-2017-1000250 3.3
All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the proces
12-09-2017 - 13:29 12-09-2017 - 13:29
CVE-2017-14319 7.2
A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame
12-09-2017 - 11:29 12-09-2017 - 11:29
CVE-2017-14318 4.9
An issue was discovered in Xen 4.5.x through 4.9.x. The function `__gnttab_cache_flush` handles GNTTABOP_cache_flush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the
12-09-2017 - 11:29 12-09-2017 - 11:29
CVE-2017-14317 4.7
A domain cleanup issue was discovered in the C xenstore daemon (aka cxenstored) in Xen through 4.9.x. When shutting down a VM with a stubdomain, a race in cxenstored may cause a double-free. The xenstored daemon may crash, resulting in a DoS of any p
12-09-2017 - 11:29 12-09-2017 - 11:29
CVE-2017-14316 7.2
A parameter verification issue was discovered in Xen through 4.9.x. The function `alloc_heap_pages` allows callers to specify the first NUMA node that should be used for allocations through the `memflags` parameter; the node is extracted using the `M
12-09-2017 - 11:29 12-09-2017 - 11:29
CVE-2017-14326 4.3
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.
12-09-2017 - 04:29 12-09-2017 - 04:29
CVE-2017-1000249 2.1
An issue in file() was introduced in commit 9611f31313a93aa036389c5f3b15eea53510d4d1 (Oct 2016) lets an attacker overwrite a fixed 20 bytes stack buffer with a specially crafted .notes section in an ELF binary. This was fixed in commit 35c94dc6acc418
11-09-2017 - 15:29 11-09-2017 - 15:29
CVE-2017-14265 7.5
A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3. It could allow a remote denial of service or code execution attack.
11-09-2017 - 05:29 11-09-2017 - 05:29
CVE-2017-14249 4.3
ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in MagickCore/cache.c, allowing remote attackers to cause a denial of service via a crafted file.
11-09-2017 - 05:29 11-09-2017 - 05:29
CVE-2017-12146 6.9
The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a store operation that involve different overrides.
08-09-2017 - 15:29 08-09-2017 - 15:29
CVE-2015-3991 7.5
strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code.
07-09-2017 - 16:29 07-09-2017 - 16:29
CVE-2017-6362 5.0
Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.
07-09-2017 - 09:29 07-09-2017 - 09:29
CVE-2017-14174 7.1
In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain s
07-09-2017 - 02:29 07-09-2017 - 02:29
CVE-2015-5705 5.0
Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted symlink and crafted filename.
06-09-2017 - 17:29 06-09-2017 - 17:29
CVE-2015-5186 5.0
Audit before 2.4.4 in Linux does not sanitize escape characters in filenames.
06-09-2017 - 17:29 06-09-2017 - 17:29
CVE-2017-2870 6.8
An exploitable integer overflow vulnerability exists in the tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send
05-09-2017 - 14:29 05-09-2017 - 14:29
CVE-2017-2862 6.8
An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file
05-09-2017 - 14:29 05-09-2017 - 14:29
CVE-2017-14156 2.1
The atyfb_ioctl function in drivers/video/fbdev/aty/atyfb_base.c in the Linux kernel through 4.12.10 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading locations
05-09-2017 - 13:29 05-09-2017 - 13:29
CVE-2017-14140 2.1
The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.
05-09-2017 - 02:29 05-09-2017 - 02:29
CVE-2017-1000083 6.8
backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option su
05-09-2017 - 02:29 05-09-2017 - 02:29
CVE-2017-12691 7.1
The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
01-09-2017 - 17:29 01-09-2017 - 17:29
CVE-2017-14106 4.9
The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code pat
01-09-2017 - 12:29 01-09-2017 - 12:29
CVE-2017-0901 6.4
RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem.
31-08-2017 - 16:29 31-08-2017 - 16:29
CVE-2017-0900 5.0
RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a `query` command.
31-08-2017 - 16:29 31-08-2017 - 16:29
CVE-2017-0899 7.5
RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences.
31-08-2017 - 16:29 31-08-2017 - 16:29
CVE-2017-14064 7.5
Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte, returning
31-08-2017 - 13:29 31-08-2017 - 13:29
CVE-2017-14062 7.5
Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.
31-08-2017 - 12:29 31-08-2017 - 12:29
CVE-2017-14051 4.9
An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.
31-08-2017 - 00:29 31-08-2017 - 00:29
CVE-2017-14042 4.3
A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of service in the MagickRealloc function in magick/mem
30-08-2017 - 18:29 30-08-2017 - 18:29
CVE-2017-13767 7.8
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-msdp.c by adding length validation.
30-08-2017 - 05:29 30-08-2017 - 05:29
CVE-2017-13766 5.0
In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation.
30-08-2017 - 05:29 30-08-2017 - 05:29
CVE-2017-13765 5.0
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. This was addressed in plugins/irda/packet-ircomm.c by adding length validation.
30-08-2017 - 05:29 30-08-2017 - 05:29
CVE-2017-0379 5.0
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c.
29-08-2017 - 18:29 29-08-2017 - 18:29
CVE-2017-13744 4.3
There is an illegal address access in the function _lou_getALine() in compileTranslationTable.c:343 in Liblouis 3.2.0.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13742 4.3
There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function includeFile() in compileTranslationTable.c, that will lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13740 6.8
There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function parseChars() in compileTranslationTable.c, that will lead to denial of service or possibly unspecified other impact.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13739 6.8
There is a heap-based buffer overflow that causes a more than two thousand bytes out-of-bounds write in Liblouis 3.2.0, triggered in the function resolveSubtable() in compileTranslationTable.c. It will lead to denial of service or remote code executi
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13738 6.8
There is an illegal address access in the _lou_getALine function in compileTranslationTable.c:346 in Liblouis 3.2.0.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13735 5.0
There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13733 4.3
There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13732 4.3
There is an illegal address access in the function dump_uses() in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13731 4.3
There is an illegal address access in the function postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13730 4.3
There is an illegal address access in the function _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13729 4.3
There is an illegal address access in the _nc_save_str function in alloc_entry.c in ncurses 6.0. It will lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13728 4.3
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-3735 5.0
While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of Op
28-08-2017 - 15:29 28-08-2017 - 15:29
CVE-2015-0233 4.6
Multiple insecure Temporary File vulnerabilities in 389 Administration Server before 1.1.38.
28-08-2017 - 15:29 28-08-2017 - 15:29
CVE-2017-8380 7.5
Buffer overflow in the "megasas_mmio_write" function in Qemu 2.9.0 allows remote attackers to have unspecified impact via unknown vectors.
28-08-2017 - 11:29 28-08-2017 - 11:29
CVE-2015-1395 7.8
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.
25-08-2017 - 14:29 25-08-2017 - 14:29
CVE-2015-1325 6.9
Race condition in Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LT
25-08-2017 - 14:29 25-08-2017 - 14:29
CVE-2015-1324 7.2
Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local user
25-08-2017 - 14:29 25-08-2017 - 14:29
CVE-2014-9637 7.1
GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file.
25-08-2017 - 14:29 25-08-2017 - 14:29
CVE-2015-5146 3.5
ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash
24-08-2017 - 16:29 24-08-2017 - 16:29
CVE-2014-4616 4.3
Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decod
24-08-2017 - 16:29 24-08-2017 - 16:29
CVE-2017-11424 5.0
In PyJWT 1.5.0 and below the `invalid_strings` check in `HMACAlgorithm.prepare_key` does not account for all PEM encoded public keys. Specifically, the PKCS1 PEM encoded format would be allowed because it is prefaced with the string `-----BEGIN RSA P
24-08-2017 - 12:29 24-08-2017 - 12:29
CVE-2017-12836 5.1
CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."
24-08-2017 - 10:29 24-08-2017 - 10:29
CVE-2017-12137 7.2
arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.
24-08-2017 - 10:29 24-08-2017 - 10:29
CVE-2017-12136 6.9
Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling
24-08-2017 - 10:29 24-08-2017 - 10:29
CVE-2017-12135 4.6
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.
24-08-2017 - 10:29 24-08-2017 - 10:29
CVE-2017-12134 7.2
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges
24-08-2017 - 10:29 24-08-2017 - 10:29
CVE-2017-13658 4.3
In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/i
24-08-2017 - 02:29 24-08-2017 - 02:29
CVE-2017-13648 4.3
In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c.
23-08-2017 - 17:29 23-08-2017 - 17:29
CVE-2017-12809 2.1
QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by flushing an empty CDROM device drive.
23-08-2017 - 12:29 23-08-2017 - 12:29
CVE-2017-13146 6.8
In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.
23-08-2017 - 02:29 23-08-2017 - 02:29
CVE-2017-5208 6.8
Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of executi
22-08-2017 - 14:29 22-08-2017 - 14:29
CVE-2017-13062 4.3
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service (WriteMETAImage memory consumption) via a crafted file.
22-08-2017 - 02:29 22-08-2017 - 02:29
CVE-2017-13061 4.3
In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file.
22-08-2017 - 02:29 22-08-2017 - 02:29
CVE-2017-13060 4.3
In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.
22-08-2017 - 02:29 22-08-2017 - 02:29
CVE-2017-10663 7.2
The sanity_check_ckpt function in fs/f2fs/super.c in the Linux kernel before 4.12.4 does not validate the blkoff and segno arrays, which allows local users to gain privileges via unspecified vectors.
19-08-2017 - 14:29 19-08-2017 - 14:29
CVE-2017-10662 7.2
The sanity_check_raw_super function in fs/f2fs/super.c in the Linux kernel before 4.11.1 does not validate the segment count, which allows local users to gain privileges via unspecified vectors.
19-08-2017 - 14:29 19-08-2017 - 14:29
CVE-2017-10661 7.6
Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel q
19-08-2017 - 14:29 19-08-2017 - 14:29
CVE-2017-11185 5.0
The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature.
18-08-2017 - 13:29 18-08-2017 - 13:29
CVE-2017-7555 7.5
Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, le
17-08-2017 - 15:29 17-08-2017 - 15:29
CVE-2017-7548 4.0
PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service.
16-08-2017 - 14:29 16-08-2017 - 14:29
CVE-2017-7547 4.0
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers to retrieve passwords from the user mappings defined by the foreign server owners without actually having
16-08-2017 - 14:29 16-08-2017 - 14:29
CVE-2017-7546 7.5
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password.
16-08-2017 - 14:29 16-08-2017 - 14:29
CVE-2017-12855 2.1
Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in
15-08-2017 - 12:29 15-08-2017 - 12:29
CVE-2017-9800 7.5
A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user
11-08-2017 - 17:29 11-08-2017 - 17:29
CVE-2015-1783 5.0
The prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service (uninitialized memory access and application crash) via unspecified vectors.
11-08-2017 - 17:29 11-08-2017 - 17:29
CVE-2017-7674 4.3
The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poi
10-08-2017 - 22:29 10-08-2017 - 22:29
CVE-2016-6796 5.0
A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for t
10-08-2017 - 22:29 10-08-2017 - 22:29
CVE-2016-8745 5.0
A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the
10-08-2017 - 18:29 10-08-2017 - 18:29
CVE-2016-6797 5.0
The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked
10-08-2017 - 18:29 10-08-2017 - 18:29
CVE-2016-6794 5.0
When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, 6.0.0 to 6.0.45 the
10-08-2017 - 12:29 10-08-2017 - 12:29
CVE-2016-5018 5.0
In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applica
10-08-2017 - 12:29 10-08-2017 - 12:29
CVE-2016-0762 4.3
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attac
10-08-2017 - 12:29 10-08-2017 - 12:29
CVE-2014-0146 1.9
The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapsh
10-08-2017 - 11:29 10-08-2017 - 11:29
CVE-2014-0145 4.6
Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/q
10-08-2017 - 11:29 10-08-2017 - 11:29
CVE-2014-0143 4.4
Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bo
10-08-2017 - 11:29 10-08-2017 - 11:29
CVE-2014-0142 2.1
QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function
10-08-2017 - 11:29 10-08-2017 - 11:29
CVE-2017-12762 10.0
In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stab
09-08-2017 - 17:29 09-08-2017 - 17:29
CVE-2015-6816 7.5
ganglia-web before 3.7.1 allows remote attackers to bypass authentication.
09-08-2017 - 14:29 09-08-2017 - 14:29
CVE-2015-3277 5.0
The mod_nss module before 1.0.11 in Fedora allows remote attackers to obtain cipher lists due to incorrect parsing of multi-keyword cipherstring.
09-08-2017 - 14:29 09-08-2017 - 14:29
CVE-2015-1820 7.5
REST client for Ruby (aka rest-client) before 1.8.0 allows remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect.
09-08-2017 - 14:29 09-08-2017 - 14:29
CVE-2015-3405 5.0
ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remot
09-08-2017 - 12:29 09-08-2017 - 12:29
CVE-2017-3653 3.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3652 4.9
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3651 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileg
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3650 4.3
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: C API). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protoc
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3649 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker wi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3648 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3647 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker wi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3645 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3644 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pr
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3643 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pr
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3642 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3641 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged a
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3640 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pr
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3639 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pr
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3638 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3637 3.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple prot
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3636 4.6
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logo
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3635 3.5
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/C). Supported versions that are affected are 6.1.10 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multip
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3634 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3633 5.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3529 3.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: UDF). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple p
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10243 6.4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulne
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10198 4.3
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit v
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10196 6.4
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3.0. Easily exploitable vulnerability allows unauthenticated attacker with netwo
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10195 4.3
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). The supported version that is affected is 2.8. Easily exploitable vulnerability allows unauthenticated attacker with network
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10193 2.6
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthen
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10176 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerabil
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10135 4.3
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulner
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10125 4.4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 7u141 and 8u131. Difficult to exploit vulnerability allows physical access to compromise Java SE. While the vulnera
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10118 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability a
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10116 5.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit v
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10115 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerab
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10114 5.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple pr
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10111 6.8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10110 6.8
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10109 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitabl
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10108 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitabl
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10107 6.8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10105 4.3
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via mu
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10102 6.8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticat
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10101 6.8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticate
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10096 6.8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticate
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10090 6.8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10089 6.8
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10087 6.8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthent
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10086 6.8
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple prot
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10081 4.3
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthentic
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10078 5.5
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). The supported version that is affected is Java SE: 8u131. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols t
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10074 5.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthent
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10067 5.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via mu
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10053 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerabi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-12675 4.3
In ImageMagick 7.0.6-3, a missing check for multidimensional data was found in coders/mat.c, leading to a memory leak in the function ReadImage in MagickCore/constitute.c, which allows attackers to cause a denial of service.
07-08-2017 - 17:29 07-08-2017 - 17:29
CVE-2017-12672 4.3
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.
07-08-2017 - 17:29 07-08-2017 - 17:29
CVE-2017-12670 4.3
In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage in MagickCore/image.c, which allows attackers to cause a denial of service.
07-08-2017 - 17:29 07-08-2017 - 17:29
CVE-2017-12667 6.8
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in coders\mat.c.
07-08-2017 - 17:29 07-08-2017 - 17:29
CVE-2016-7976 6.8
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7871 7.5
Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7855 4.0
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7853 7.5
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7852 4.3
ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7850 4.0
ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7705 7.5
The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7704 5.0
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7702 4.0
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7701 7.8
Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7692 5.0
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7691 5.0
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to a
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-5244 7.5
The NSSCipherSuite option with ciphersuites enabled in mod_nss before 1.0.12 allows remote attackers to bypass application restrictions.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2014-1235 6.8
Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. NOTE: This vulnerability exists due to an incomplete fix
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2017-12642 6.8
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMPCImage in coders\mpc.c.
07-08-2017 - 11:29 07-08-2017 - 11:29
CVE-2017-6420 4.3
The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression.
06-08-2017 - 23:29 06-08-2017 - 23:29
CVE-2017-6419 6.8
mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file.
06-08-2017 - 23:29 06-08-2017 - 23:29
CVE-2017-6418 4.3
libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message.
06-08-2017 - 23:29 06-08-2017 - 23:29
CVE-2017-12564 4.3
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.
05-08-2017 - 14:29 05-08-2017 - 14:29
CVE-2017-12563 7.1
In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in the function ReadPSDImage in coders/psd.c, which allows attackers to cause a denial of service.
05-08-2017 - 14:29 05-08-2017 - 14:29
CVE-2017-7533 6.9
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_han
05-08-2017 - 12:29 05-08-2017 - 12:29
CVE-2017-12434 4.3
In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c.
04-08-2017 - 06:29 04-08-2017 - 06:29
CVE-2017-12430 7.8
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service.
04-08-2017 - 06:29 04-08-2017 - 06:29
CVE-2017-7890 4.3
The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitia
02-08-2017 - 15:29 02-08-2017 - 15:29
CVE-2017-10806 2.1
Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU process crash) via vectors related to logging debug messages.
02-08-2017 - 15:29 02-08-2017 - 15:29
CVE-2017-10664 5.0
qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
02-08-2017 - 15:29 02-08-2017 - 15:29
CVE-2015-0839 6.8
The hp-plugin utility in HP Linux Imaging and Printing (HPLIP) makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to verify print plugin downloads.
02-08-2017 - 15:29 02-08-2017 - 15:29
CVE-2015-5059 3.5
The "Project Documentation" feature in MantisBT 1.2.19 and earlier, when the threshold to access files ($g_view_proj_doc_threshold) is set to ANYBODY, allows remote authenticated users to download attachments linked to arbitrary private projects via
01-08-2017 - 10:29 01-08-2017 - 10:29
CVE-2017-11751 4.3
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
30-07-2017 - 13:29 30-07-2017 - 13:29
CVE-2017-11724 4.3
The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9-3 and 7.x through 7.0.6-3 has memory leaks involving the quantum_info and clone_info data structures.
29-07-2017 - 01:29 29-07-2017 - 01:29
CVE-2017-6259 7.1
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect detection and recovery from an invalid state produced by specific user actions may lead to denial of service.
28-07-2017 - 15:29 28-07-2017 - 15:29
CVE-2017-6257 7.2
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges
28-07-2017 - 15:29 28-07-2017 - 15:29
CVE-2017-11714 6.8
psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document,
28-07-2017 - 01:29 28-07-2017 - 01:29
CVE-2016-8743 5.0
Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in
27-07-2017 - 17:29 27-07-2017 - 17:29
CVE-2016-2161 5.0
In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.
27-07-2017 - 17:29 27-07-2017 - 17:29
CVE-2016-0736 5.0
In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated en
27-07-2017 - 17:29 27-07-2017 - 17:29
CVE-2017-7659 5.0
A maliciously constructed HTTP/2 request could cause mod_http2 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process.
26-07-2017 - 17:29 26-07-2017 - 17:29
CVE-2017-9835 6.8
The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript doc
26-07-2017 - 15:29 26-07-2017 - 15:29
CVE-2017-9739 6.8
The Ins_JMPR function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
26-07-2017 - 15:29 26-07-2017 - 15:29
CVE-2017-9727 6.8
The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted doc
26-07-2017 - 15:29 26-07-2017 - 15:29
CVE-2017-9726 6.8
The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
26-07-2017 - 15:29 26-07-2017 - 15:29
CVE-2017-9612 6.8
The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via a crafted document.
26-07-2017 - 15:29 26-07-2017 - 15:29
CVE-2017-9611 6.8
The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
26-07-2017 - 15:29 26-07-2017 - 15:29
CVE-2017-11644 4.3
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadMATImage() function in coders/mat.c.
26-07-2017 - 04:29 26-07-2017 - 04:29
CVE-2017-11628 6.8
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zend_ini_do_op() function in Zend/zend_ini_parser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant
25-07-2017 - 19:29 25-07-2017 - 19:29
CVE-2017-9233 5.0
XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.
25-07-2017 - 16:29 25-07-2017 - 16:29
CVE-2017-11434 2.1
The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options string.
25-07-2017 - 14:29 25-07-2017 - 14:29
CVE-2015-1332 6.8
The oxide::JavaScriptDialogManager function in oxide-qt before 1.9.1 as packaged in Ubuntu 15.04 and Ubuntu 14.04 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted website.
25-07-2017 - 14:29 25-07-2017 - 14:29
CVE-2017-7980 4.6
Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display a
25-07-2017 - 10:29 25-07-2017 - 10:29
CVE-2015-8009 5.0
The MWOAuthDataStore::lookup_token function in Extension:OAuth for MediaWiki 1.25.x before 1.25.3, 1.24.x before 1.24.4, and before 1.23.11 does not properly validate the signature when checking the authorization signature, which allows remote regist
25-07-2017 - 10:29 25-07-2017 - 10:29
CVE-2015-7543 4.4
aRts 1.5.10 and kdelibs3 3.5.10 and earlier do not properly create temporary directories, which allows local users to hijack the IPC by pre-creating the temporary directory.
25-07-2017 - 10:29 25-07-2017 - 10:29
CVE-2017-7541 7.2
The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a
25-07-2017 - 00:29 25-07-2017 - 00:29
CVE-2015-7703 5.8
The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and w
24-07-2017 - 10:29 24-07-2017 - 10:29
CVE-2017-11577 6.8
FontForge 20161012 is vulnerable to a buffer over-read in getsid (parsettf.c) resulting in DoS or code execution via a crafted otf file.
23-07-2017 - 18:29 23-07-2017 - 18:29
CVE-2017-11576 4.3
FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict (parsettf.c) resulting in DoS via a crafted otf file.
23-07-2017 - 18:29 23-07-2017 - 18:29
CVE-2017-11575 6.8
FontForge 20161012 is vulnerable to a buffer over-read in strnmatch (char.c) resulting in DoS or code execution via a crafted otf file, related to a call from the readttfcopyrights function in parsettf.c.
23-07-2017 - 18:29 23-07-2017 - 18:29
CVE-2017-11574 6.8
FontForge 20161012 is vulnerable to a heap-based buffer overflow in readcffset (parsettf.c) resulting in DoS or code execution via a crafted otf file.
23-07-2017 - 18:29 23-07-2017 - 18:29
CVE-2017-11572 6.8
FontForge 20161012 is vulnerable to a heap-based buffer over-read in readcfftopdicts (parsettf.c) resulting in DoS or code execution via a crafted otf file.
23-07-2017 - 18:29 23-07-2017 - 18:29
CVE-2017-11571 6.8
FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) resulting in DoS or code execution via a crafted otf file.
23-07-2017 - 18:29 23-07-2017 - 18:29
CVE-2017-11569 6.8
FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights (parsettf.c) resulting in DoS or code execution via a crafted otf file.
23-07-2017 - 18:29 23-07-2017 - 18:29
CVE-2017-11568 6.8
FontForge 20161012 is vulnerable to a heap-based buffer over-read in PSCharStringToSplines (psread.c) resulting in DoS or code execution via a crafted otf file.
23-07-2017 - 18:29 23-07-2017 - 18:29
CVE-2017-11543 7.5
tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.
22-07-2017 - 23:29 22-07-2017 - 23:29
CVE-2017-11542 7.5
tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.
22-07-2017 - 23:29 22-07-2017 - 23:29
CVE-2017-11541 7.5
tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.
22-07-2017 - 23:29 22-07-2017 - 23:29
CVE-2017-11529 4.3
The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
22-07-2017 - 23:29 22-07-2017 - 23:29
CVE-2015-5300 5.0
The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option,
21-07-2017 - 10:29 21-07-2017 - 10:29
CVE-2015-5219 5.0
The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.
21-07-2017 - 10:29 21-07-2017 - 10:29
CVE-2015-5195 5.0
ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.
21-07-2017 - 10:29 21-07-2017 - 10:29
CVE-2015-5194 5.0
The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.
21-07-2017 - 10:29 21-07-2017 - 10:29
CVE-2015-1323 4.9
The simulate dbus method in aptdaemon before 1.1.1+bzr982-0ubuntu3.1 as packaged in Ubuntu 15.04, before 1.1.1+bzr980-0ubuntu1.1 as packaged in Ubuntu 14.10, before 1.1.1-1ubuntu5.2 as packaged in Ubuntu 14.04 LTS, before 0.43+bzr805-0ubuntu10 as pac
21-07-2017 - 10:29 21-07-2017 - 10:29
CVE-2017-7064 4.3
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7061 7.5
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7056 7.5
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7055 7.5
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7052 7.5
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7048 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7046 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7039 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7037 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7034 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7030 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7018 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-11478 7.1
The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-11450 6.8
coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.
19-07-2017 - 03:29 19-07-2017 - 03:29
CVE-2017-11449 6.8
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image rec
19-07-2017 - 03:29 19-07-2017 - 03:29
CVE-2017-11448 4.3
The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.
19-07-2017 - 03:29 19-07-2017 - 03:29
CVE-2017-11447 4.3
The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service.
19-07-2017 - 03:29 19-07-2017 - 03:29
CVE-2017-11423 4.3
The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file.
18-07-2017 - 16:29 18-07-2017 - 16:29
CVE-2017-10708 6.8
An issue was discovered in Apport through 2.20.x. In apport/report.py, Apport sets the ExecutablePath field and it then uses the path to run package specific hooks without protecting against path traversal. This allows remote attackers to execute arb
18-07-2017 - 16:29 18-07-2017 - 16:29
CVE-2017-7506 6.5
spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak.
18-07-2017 - 11:29 18-07-2017 - 11:29
CVE-2017-10987 5.0
An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buffer over-read in fr_dhcp_decode_suboptions()" and a denial of service.
17-07-2017 - 13:29 17-07-2017 - 13:29
CVE-2017-10986 5.0
An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcp_attr2vp()" and a denial of service.
17-07-2017 - 13:29 17-07-2017 - 13:29
CVE-2017-10985 7.8
An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion with 'concat' attributes" and a denial of service.
17-07-2017 - 13:29 17-07-2017 - 13:29
CVE-2017-10984 7.5
An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow in data2vp_wimax()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.
17-07-2017 - 13:29 17-07-2017 - 13:29
CVE-2017-10983 5.0
An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "DHCP - Read overflow when decoding option 63" and a denial of service.
17-07-2017 - 13:29 17-07-2017 - 13:29
CVE-2017-10982 5.0
An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Buffer over-read in fr_dhcp_decode_options()" and a denial of service.
17-07-2017 - 13:29 17-07-2017 - 13:29
CVE-2017-10981 5.0
An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in fr_dhcp_decode()" and a denial of service.
17-07-2017 - 13:29 17-07-2017 - 13:29
CVE-2017-10980 5.0
An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in decode_tlv()" and a denial of service.
17-07-2017 - 13:29 17-07-2017 - 13:29
CVE-2017-10979 7.5
An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overflow in rad_coalesce()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.
17-07-2017 - 13:29 17-07-2017 - 13:29
CVE-2017-10978 5.0
An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service.
17-07-2017 - 13:29 17-07-2017 - 13:29
CVE-2017-11362 7.5
In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ext/intl/msgformat/msgformat_parse.c does not restrict the locale length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have
17-07-2017 - 09:18 17-07-2017 - 09:18
CVE-2017-11360 4.3
The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability via a crafted rle file that triggers a huge number_pixels value.
17-07-2017 - 09:18 17-07-2017 - 09:18
CVE-2017-11352 4.3
In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144.
17-07-2017 - 09:18 17-07-2017 - 09:18
CVE-2017-1000363 7.2
Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, wher
17-07-2017 - 09:18 17-07-2017 - 09:18
CVE-2017-1000024 5.0
Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to an information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext transmission
17-07-2017 - 09:18 17-07-2017 - 09:18
CVE-2017-9789 5.0
When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour.
13-07-2017 - 12:29 13-07-2017 - 12:29
CVE-2017-9788 6.4
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial ke
13-07-2017 - 12:29 13-07-2017 - 12:29
CVE-2017-7529 5.0
Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.
13-07-2017 - 09:29 13-07-2017 - 09:29
CVE-2017-11103 6.8
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name
13-07-2017 - 09:29 13-07-2017 - 09:29
CVE-2017-11188 7.8
The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check.
12-07-2017 - 11:29 12-07-2017 - 11:29
CVE-2017-11176 10.0
The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possi
11-07-2017 - 19:29 11-07-2017 - 19:29
CVE-2017-11170 6.8
The ReadTGAImage function in coders\tga.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via invalid colors data in the header of a TGA or VST file.
11-07-2017 - 16:29 11-07-2017 - 16:29
CVE-2017-11147 6.4
In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile fu
10-07-2017 - 10:29 10-07-2017 - 10:29
CVE-2017-11145 5.0
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, an error in the date extension's timelib_meridian parsing code could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/p
10-07-2017 - 10:29 10-07-2017 - 10:29
CVE-2017-11144 5.0
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation c
10-07-2017 - 10:29 10-07-2017 - 10:29
CVE-2017-11143 5.0
In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wdd
10-07-2017 - 10:29 10-07-2017 - 10:29
CVE-2016-10397 5.0
In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:80#@good.example.com/ and evil.example.c
10-07-2017 - 10:29 10-07-2017 - 10:29
CVE-2017-11141 7.1
The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call.
09-07-2017 - 23:29 09-07-2017 - 23:29
CVE-2017-11108 5.0
tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree
08-07-2017 - 13:29 08-07-2017 - 13:29
CVE-2017-7512 7.5
Red Hat 3scale (aka RH-3scale) API Management Platform (AMP) before 2.0.0 would permit creation of an access token without a client secret. An attacker could use this flaw to circumvent authentication controls and gain access to restricted APIs. NOTE
07-07-2017 - 18:29 07-07-2017 - 18:29
CVE-2017-1000381 5.0
The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way.
07-07-2017 - 13:29 07-07-2017 - 13:29
CVE-2017-10966 7.5
An issue was discovered in Irssi before 1.0.4. While updating the internal nick list, Irssi could incorrectly use the GHashTable interface and free the nick while updating it. This would then result in use-after-free conditions on each access of the
07-07-2017 - 10:29 07-07-2017 - 10:29
CVE-2017-10965 7.5
An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer.
07-07-2017 - 10:29 07-07-2017 - 10:29
CVE-2017-9524 5.0
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initi
06-07-2017 - 12:29 06-07-2017 - 12:29
CVE-2017-10972 4.0
Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server before 2017-06-19 allowed authenticated malicious users to access potentially privileged data from the X server.
06-07-2017 - 07:29 06-07-2017 - 07:29
CVE-2017-10971 6.5
In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events.
06-07-2017 - 07:29 06-07-2017 - 07:29
CVE-2017-10748 4.6
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at xnview+0x000000000022bf8d."
05-07-2017 - 16:29 05-07-2017 - 16:29
CVE-2017-2295 6.0
Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the server, in this case) with a attacker-specified format. This could be used to force YAML deserialization in an unsafe manner, which would lead to remote code
05-07-2017 - 11:29 05-07-2017 - 11:29
CVE-2017-10928 6.8
In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mis
05-07-2017 - 07:29 05-07-2017 - 07:29
CVE-2017-10922 5.0
The grant-table feature in Xen through 4.8.x mishandles MMIO region grant references, which allows guest OS users to cause a denial of service (loss of grant trackability), aka XSA-224 bug 3.
04-07-2017 - 21:29 04-07-2017 - 21:29
CVE-2017-10921 10.0
The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain pr
04-07-2017 - 21:29 04-07-2017 - 21:29
CVE-2017-10920 10.0
The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corru
04-07-2017 - 21:29 04-07-2017 - 21:29
CVE-2017-10919 5.0
Xen through 4.8.x mishandles virtual interrupt injection, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-223.
04-07-2017 - 21:29 04-07-2017 - 21:29
CVE-2017-10918 10.0
Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222.
04-07-2017 - 21:29 04-07-2017 - 21:29
CVE-2017-10917 9.4
Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
04-07-2017 - 21:29 04-07-2017 - 21:29
CVE-2017-10916 5.0
The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, a
04-07-2017 - 21:29 04-07-2017 - 21:29
CVE-2017-10915 6.8
The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219.
04-07-2017 - 21:29 04-07-2017 - 21:29
CVE-2017-10914 6.8
The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2.
04-07-2017 - 21:29 04-07-2017 - 21:29
CVE-2017-10913 7.5
The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1.
04-07-2017 - 21:29 04-07-2017 - 21:29
CVE-2017-10912 10.0
Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217.
04-07-2017 - 21:29 04-07-2017 - 21:29
CVE-2017-10911 4.9
The make_response function in drivers/block/xen-blkback/blkback.c in the Linux kernel before 4.11.8 allows guest OS users to obtain sensitive information from host OS (or other guest OS) kernel memory by leveraging the copying of uninitialized paddin
04-07-2017 - 21:29 04-07-2017 - 21:29
CVE-2017-10810 7.8
Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service (memory consumption) by triggering object-initialization failures.
04-07-2017 - 16:29 04-07-2017 - 16:29
CVE-2017-10800 4.3
When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data.
02-07-2017 - 21:29 02-07-2017 - 21:29
CVE-2017-10672 7.5
Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call.
29-06-2017 - 04:29 29-06-2017 - 04:29
CVE-2017-9985 7.2
The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message
28-06-2017 - 02:29 28-06-2017 - 02:29
CVE-2017-9984 7.2
The snd_msnd_interrupt function in sound/isa/msnd/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message q
28-06-2017 - 02:29 28-06-2017 - 02:29
CVE-2017-9445 5.0
In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolv
28-06-2017 - 02:29 28-06-2017 - 02:29
CVE-2017-7521 4.3
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension().
27-06-2017 - 09:29 27-06-2017 - 09:29
CVE-2017-7520 4.0
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or possibly sensitive memory leak triggered by man-in-the-middle attacker.
27-06-2017 - 09:29 27-06-2017 - 09:29
CVE-2017-7508 5.0
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when receiving malformed IPv6 packet.
27-06-2017 - 09:29 27-06-2017 - 09:29
CVE-2017-9865 4.3
The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted PDF document, related to missing color-map validation in I
25-06-2017 - 09:29 25-06-2017 - 09:29
CVE-2017-9776 6.8
Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.
22-06-2017 - 17:29 22-06-2017 - 17:29
CVE-2017-9775 4.3
Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document.
22-06-2017 - 17:29 22-06-2017 - 17:29
CVE-2017-9766 5.0
In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause a denial of service (stack exhaustion) in the dissect_IODWriteReq function in plugins/profinet/packet-dcerpc-pn-io.c.
21-06-2017 - 03:29 21-06-2017 - 03:29
CVE-2017-7679 7.5
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
19-06-2017 - 21:29 19-06-2017 - 21:29
CVE-2017-7668 7.5
The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacke
19-06-2017 - 21:29 19-06-2017 - 21:29
CVE-2017-3169 7.5
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.
19-06-2017 - 21:29 19-06-2017 - 21:29
CVE-2017-3167 7.5
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
19-06-2017 - 21:29 19-06-2017 - 21:29
CVE-2017-1000376 6.9
libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version
19-06-2017 - 12:29 19-06-2017 - 12:29
CVE-2017-1000369 2.1
Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note
19-06-2017 - 12:29 19-06-2017 - 12:29
CVE-2017-1000366 7.2
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made t
19-06-2017 - 12:29 19-06-2017 - 12:29
CVE-2017-1000365 7.2
The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass
19-06-2017 - 12:29 19-06-2017 - 12:29
CVE-2017-1000364 6.2
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the
19-06-2017 - 12:29 19-06-2017 - 12:29
CVE-2017-1000380 2.1
sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed
17-06-2017 - 14:29 17-06-2017 - 14:29
CVE-2017-9503 1.9
QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas co
16-06-2017 - 18:29 16-06-2017 - 18:29
CVE-2017-9375 1.9
QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing.
16-06-2017 - 18:29 16-06-2017 - 18:29
CVE-2017-9374 2.1
Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the device.
16-06-2017 - 18:29 16-06-2017 - 18:29
CVE-2017-9373 1.9
Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the AHCI device.
16-06-2017 - 18:29 16-06-2017 - 18:29
CVE-2017-7507 5.0
GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application.
16-06-2017 - 15:29 16-06-2017 - 15:29
CVE-2017-9617 5.0
In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector.
14-06-2017 - 16:29 14-06-2017 - 16:29
CVE-2017-9605 4.9
The vmw_gb_surface_define_ioctl function (accessible via DRM_IOCTL_VMW_GB_SURFACE_CREATE) in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.11.4 defines a backup_handle variable but does not give it an initial value. If one att
13-06-2017 - 15:29 13-06-2017 - 15:29
CVE-2015-9096 4.3
Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring.
12-06-2017 - 16:29 12-06-2017 - 16:29
CVE-2017-9526 4.3
In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this session key in secur
10-06-2017 - 22:29 10-06-2017 - 22:29
CVE-2017-9330 1.9
QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505.
08-06-2017 - 12:29 08-06-2017 - 12:29
CVE-2017-9310 1.9
QEMU (aka Quick Emulator), when built with the e1000e NIC emulation support, allows local guest OS privileged users to cause a denial of service (infinite loop) via vectors related to setting the initial receive / transmit descriptor head (TDH/RDH) o
08-06-2017 - 12:29 08-06-2017 - 12:29
CVE-2017-9023 4.3
The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted certificate.
08-06-2017 - 12:29 08-06-2017 - 12:29
CVE-2017-9022 5.0
The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers to cause a denial of service (floating point exception and process crash) via a crafted certificate.
08-06-2017 - 12:29 08-06-2017 - 12:29
CVE-2017-9501 4.3
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file.
07-06-2017 - 10:29 07-06-2017 - 10:29
CVE-2017-9469 5.0
In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory. Thus, remote attackers might be able to cause a crash.
06-06-2017 - 21:29 06-06-2017 - 21:29
CVE-2017-9468 5.0
In Irssi before 1.0.3, when receiving a DCC message without source nick/host, it attempts to dereference a NULL pointer. Thus, remote IRC servers can cause a crash.
06-06-2017 - 21:29 06-06-2017 - 21:29
CVE-2017-9461 7.8
smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.
06-06-2017 - 17:29 06-06-2017 - 17:29
CVE-2017-5664 5.0
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request
06-06-2017 - 10:29 06-06-2017 - 10:29
CVE-2017-9440 4.3
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file.
05-06-2017 - 14:29 05-06-2017 - 14:29
CVE-2017-9439 4.3
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file.
05-06-2017 - 14:29 05-06-2017 - 14:29
CVE-2017-1000368 7.2
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.
05-06-2017 - 12:29 05-06-2017 - 12:29
CVE-2017-1000367 6.9
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
05-06-2017 - 10:29 05-06-2017 - 10:29
CVE-2017-9433 7.5
Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1Parser.cxx.
04-06-2017 - 23:29 04-06-2017 - 23:29
CVE-2017-9409 4.3
In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file.
02-06-2017 - 15:29 02-06-2017 - 15:29
CVE-2017-9408 4.3
In Poppler 0.54.0, a memory leak vulnerability was found in the function Object::initArray in Object.cc, which allows attackers to cause a denial of service via a crafted file.
02-06-2017 - 15:29 02-06-2017 - 15:29
CVE-2017-9407 4.3
In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
02-06-2017 - 15:29 02-06-2017 - 15:29
CVE-2017-9406 4.3
In Poppler 0.54.0, a memory leak vulnerability was found in the function gmalloc in gmem.cc, which allows attackers to cause a denial of service via a crafted file.
02-06-2017 - 15:29 02-06-2017 - 15:29
CVE-2017-9405 4.3
In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file.
02-06-2017 - 15:29 02-06-2017 - 15:29
CVE-2017-9060 4.9
Memory leak in the virtio_gpu_set_scanout function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (memory consumption) via a large number of "VIRTIO_GPU_CMD_SET_SCANOUT:" commands.
01-06-2017 - 12:29 01-06-2017 - 12:29
CVE-2017-8386 6.5
git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain pr
01-06-2017 - 12:29 01-06-2017 - 12:29
CVE-2017-7502 5.0
Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker.
30-05-2017 - 14:29 30-05-2017 - 14:29
CVE-2017-7494 10.0
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
30-05-2017 - 14:29 30-05-2017 - 14:29
CVE-2017-9148 7.5
The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 80
29-05-2017 - 13:29 29-05-2017 - 13:29
CVE-2017-9287 4.0
servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.
29-05-2017 - 12:29 29-05-2017 - 12:29
CVE-2017-9265 7.5
In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in `lib/ofp-util.c` in the function `ofputil_pull_ofp15_group_mod`.
29-05-2017 - 00:29 29-05-2017 - 00:29
CVE-2017-9264 7.5
In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) 2.6.1, there is a buffer over-read while parsing malformed TCP, UDP, and IPv6 packets in the functions `extract_l3_ipv6`, `extract_l4_tcp`, and `extract_l4_udp` that can be trigg
29-05-2017 - 00:29 29-05-2017 - 00:29
CVE-2017-9263 3.3
In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort() function for undefined role status reasons in the function `ofp_print_role_status_message` in `lib/ofp-print.c` that may be leveraged toward a
29-05-2017 - 00:29 29-05-2017 - 00:29
CVE-2017-9262 4.3
In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
29-05-2017 - 00:29 29-05-2017 - 00:29
CVE-2017-9261 4.3
In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
29-05-2017 - 00:29 29-05-2017 - 00:29
CVE-2017-9242 4.9
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via craft
26-05-2017 - 21:29 26-05-2017 - 21:29
CVE-2015-5211 9.3
Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. The attack involves a malicious user crafting a URL with a batch scrip
25-05-2017 - 13:29 25-05-2017 - 13:29
CVE-2014-3527 7.5
When using the CAS Proxy ticket authentication from Spring Security 3.1 to 3.2.4 a malicious CAS Service could trick another CAS Service into authenticating a proxy ticket that was not associated. This is due to the fact that the proxy ticket authent
25-05-2017 - 13:29 25-05-2017 - 13:29
CVE-2014-0225 6.8
When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.
25-05-2017 - 13:29 25-05-2017 - 13:29
CVE-2014-0097 7.5
The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. If the directory allows anonymous binds then it may incorrectly authenticate a user who supplies an empty password.
25-05-2017 - 13:29 25-05-2017 - 13:29
CVE-2017-9229 5.0
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_
24-05-2017 - 11:29 24-05-2017 - 11:29
CVE-2017-9228 7.5
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitset_set_range() during regular expression compilation due to an uninitialized variab
24-05-2017 - 11:29 24-05-2017 - 11:29
CVE-2017-9227 7.5
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. Invalid handling of reg->dmin in for
24-05-2017 - 11:29 24-05-2017 - 11:29
CVE-2017-9226 7.5
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger th
24-05-2017 - 11:29 24-05-2017 - 11:29
CVE-2017-9224 7.5
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of vali
24-05-2017 - 11:29 24-05-2017 - 11:29
CVE-2017-9214 7.5
In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.
23-05-2017 - 13:29 23-05-2017 - 13:29
CVE-2017-8379 4.9
Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events.
23-05-2017 - 00:29 23-05-2017 - 00:29
CVE-2017-8309 7.8
Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture.
23-05-2017 - 00:29 23-05-2017 - 00:29
CVE-2016-9843 7.5
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
23-05-2017 - 00:29 23-05-2017 - 00:29
CVE-2016-9842 6.8
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
23-05-2017 - 00:29 23-05-2017 - 00:29
CVE-2016-9841 7.5
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
23-05-2017 - 00:29 23-05-2017 - 00:29
CVE-2016-9840 6.8
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
23-05-2017 - 00:29 23-05-2017 - 00:29
CVE-2016-7979 7.5
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.
23-05-2017 - 00:29 23-05-2017 - 00:29
CVE-2016-7978 7.5
Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice.
23-05-2017 - 00:29 23-05-2017 - 00:29
CVE-2016-7977 4.3
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document.
23-05-2017 - 00:29 23-05-2017 - 00:29
CVE-2016-5178 7.5
Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
23-05-2017 - 00:29 23-05-2017 - 00:29
CVE-2016-5177 6.8
Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors.
23-05-2017 - 00:29 23-05-2017 - 00:29
CVE-2015-5383 5.0
Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to obtain sensitive information by reading files in the (1) config, (2) temp, or (3) logs directory.
23-05-2017 - 00:29 23-05-2017 - 00:29
CVE-2015-5382 4.0
program/steps/addressbook/photo.inc in Roundcube Webmail before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via the _alt parameter when uploading a vCard.
23-05-2017 - 00:29 23-05-2017 - 00:29
CVE-2015-5381 4.3
Cross-site scripting (XSS) vulnerability in program/include/rcmail.php in Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the _mbox parameter to the default URI.
23-05-2017 - 00:29 23-05-2017 - 00:29
CVE-2017-9150 2.1
The do_check function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allows local users to obtain sensitive address informa
22-05-2017 - 18:29 22-05-2017 - 18:29
CVE-2017-6891 6.8
Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Co
22-05-2017 - 15:29 22-05-2017 - 15:29
CVE-2017-9144 4.3
In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c.
22-05-2017 - 10:29 22-05-2017 - 10:29
CVE-2017-9143 4.3
In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file.
22-05-2017 - 10:29 22-05-2017 - 10:29
CVE-2017-9142 4.3
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c.
22-05-2017 - 10:29 22-05-2017 - 10:29
CVE-2017-9141 4.3
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c.
22-05-2017 - 10:29 22-05-2017 - 10:29
CVE-2017-2539 6.8
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory c
22-05-2017 - 01:29 22-05-2017 - 01:29
CVE-2017-2538 6.8
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory c
22-05-2017 - 01:29 22-05-2017 - 01:29
CVE-2017-2510 4.3
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site t
22-05-2017 - 01:29 22-05-2017 - 01:29
CVE-2017-2496 6.8
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory c
22-05-2017 - 01:29 22-05-2017 - 01:29
CVE-2017-9098 5.0
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a lon
19-05-2017 - 15:29 19-05-2017 - 15:29
CVE-2017-9077 7.2
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related is
19-05-2017 - 10:29 19-05-2017 - 10:29
CVE-2017-9076 7.2
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related i
19-05-2017 - 03:29 19-05-2017 - 03:29
CVE-2017-9075 7.2
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related is
19-05-2017 - 03:29 19-05-2017 - 03:29
CVE-2017-9074 7.2
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly
19-05-2017 - 03:29 19-05-2017 - 03:29
CVE-2017-7493 4.6
Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest us
17-05-2017 - 11:29 17-05-2017 - 11:29
CVE-2017-8422 7.2
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.
17-05-2017 - 10:29 17-05-2017 - 10:29
CVE-2017-6887 6.8
A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing mult
16-05-2017 - 12:29 16-05-2017 - 12:29
CVE-2017-6886 7.5
An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory.
16-05-2017 - 12:29 16-05-2017 - 12:29
CVE-2017-7495 2.1
fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs-flushing-before-commit list, which allows local users to obtain sensitive information from other users' files in opportunistic circumstances by
15-05-2017 - 14:29 15-05-2017 - 14:29
CVE-2017-7479 4.0
OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker.
15-05-2017 - 14:29 15-05-2017 - 14:29
CVE-2017-7478 5.0
OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.
15-05-2017 - 14:29 15-05-2017 - 14:29
CVE-2017-7487 7.2
The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR io
14-05-2017 - 18:29 14-05-2017 - 18:29
CVE-2017-8925 2.1
The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.
12-05-2017 - 17:29 12-05-2017 - 17:29
CVE-2017-8924 2.1
The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device
12-05-2017 - 17:29 12-05-2017 - 17:29
CVE-2017-0605 None
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
12-05-2017 - 11:29 12-05-2017 - 11:29
CVE-2017-0248 5.0
Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to bypass Enhanced Security Usage taggings when they present a certificate that is invalid for a specific use, aka ".NET Security Feature Bypass Vulnerabilit
12-05-2017 - 10:29 12-05-2017 - 10:29
CVE-2017-8900 2.1
LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session.
12-05-2017 - 03:29 12-05-2017 - 03:29
CVE-2017-8357 4.3
In ImageMagick 7.0.5-5, the ReadEPTImage function in ept.c allows attackers to cause a denial of service (memory leak) via a crafted file.
11-05-2017 - 21:29 30-04-2017 - 13:59
CVE-2017-8356 4.3
In ImageMagick 7.0.5-5, the ReadSUNImage function in sun.c allows attackers to cause a denial of service (memory leak) via a crafted file.
11-05-2017 - 21:29 30-04-2017 - 13:59
CVE-2017-8355 4.3
In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows attackers to cause a denial of service (memory leak) via a crafted file.
11-05-2017 - 21:29 30-04-2017 - 13:59
CVE-2017-8354 4.3
In ImageMagick 7.0.5-5, the ReadBMPImage function in bmp.c allows attackers to cause a denial of service (memory leak) via a crafted file.
11-05-2017 - 21:29 30-04-2017 - 13:59
CVE-2017-8353 4.3
In ImageMagick 7.0.5-5, the ReadPICTImage function in pict.c allows attackers to cause a denial of service (memory leak) via a crafted file.
11-05-2017 - 21:29 30-04-2017 - 13:59
CVE-2017-8352 4.3
In ImageMagick 7.0.5-5, the ReadXWDImage function in xwd.c allows attackers to cause a denial of service (memory leak) via a crafted file.
11-05-2017 - 21:29 30-04-2017 - 13:59
CVE-2017-8351 4.3
In ImageMagick 7.0.5-5, the ReadPCDImage function in pcd.c allows attackers to cause a denial of service (memory leak) via a crafted file.
11-05-2017 - 21:29 30-04-2017 - 13:59
CVE-2017-8350 4.3
In ImageMagick 7.0.5-5, the ReadJNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
11-05-2017 - 21:29 30-04-2017 - 13:59
CVE-2017-8349 4.3
In ImageMagick 7.0.5-5, the ReadSFWImage function in sfw.c allows attackers to cause a denial of service (memory leak) via a crafted file.
11-05-2017 - 21:29 30-04-2017 - 13:59
CVE-2017-8348 4.3
In ImageMagick 7.0.5-5, the ReadMATImage function in mat.c allows attackers to cause a denial of service (memory leak) via a crafted file.
11-05-2017 - 21:29 30-04-2017 - 13:59
CVE-2017-5461 7.5
Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other i
11-05-2017 - 21:29 10-05-2017 - 21:29
CVE-2017-8905 6.8
Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215.
11-05-2017 - 15:29 11-05-2017 - 15:29
CVE-2017-8904 6.8
Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214.
11-05-2017 - 15:29 11-05-2017 - 15:29
CVE-2017-8903 7.2
Xen through 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213.
11-05-2017 - 15:29 11-05-2017 - 15:29
CVE-2017-7472 4.9
The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.
11-05-2017 - 15:29 11-05-2017 - 15:29
CVE-2017-8086 4.9
Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (memory consumption) via vectors involving the orig_value variable.
11-05-2017 - 12:59 02-05-2017 - 10:59
CVE-2016-2126 4.0
Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerbero
11-05-2017 - 10:29 11-05-2017 - 10:29
CVE-2017-7895 10.0
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted reque
11-05-2017 - 10:19 28-04-2017 - 06:59
CVE-2017-8798 7.5
Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact.
10-05-2017 - 21:29 10-05-2017 - 21:29
CVE-2017-8347 4.3
In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service (memory leak) via a crafted file.
10-05-2017 - 21:29 30-04-2017 - 13:59
CVE-2017-8346 4.3
In ImageMagick 7.0.5-5, the ReadDCMImage function in dcm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
10-05-2017 - 21:29 30-04-2017 - 13:59
CVE-2016-10200 6.9
Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a s
10-05-2017 - 21:29 07-03-2017 - 16:59
CVE-2014-9940 7.6
The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application.
10-05-2017 - 21:29 02-05-2017 - 17:59
CVE-2017-8890 10.0
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.
10-05-2017 - 12:29 10-05-2017 - 12:29
CVE-2016-2183 5.0
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birth
09-05-2017 - 21:29 31-08-2016 - 20:59
CVE-2017-8291 6.8
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in
09-05-2017 - 20:31 26-04-2017 - 21:59
CVE-2017-0352 7.2
All versions of the NVIDIA GPU Display Driver contain a vulnerability in the GPU firmware where incorrect access control may allow CPU access sensitive GPU control registers, leading to an escalation of privileges
09-05-2017 - 17:29 09-05-2017 - 17:29
CVE-2017-0351 7.2
All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges.
09-05-2017 - 17:29 09-05-2017 - 17:29
CVE-2017-0350 7.2
All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used in an offset calculation may lead to denial of service or potent
09-05-2017 - 17:29 09-05-2017 - 17:29
CVE-2017-8287 7.5
FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c.
09-05-2017 - 08:44 26-04-2017 - 20:59
CVE-2014-8354 4.3
The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
09-05-2017 - 08:40 11-04-2017 - 15:59
CVE-2017-7606 4.3
coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified ot
09-05-2017 - 08:36 09-04-2017 - 10:59
CVE-2017-7941 4.3
The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
09-05-2017 - 08:36 18-04-2017 - 15:59
CVE-2017-7942 4.3
The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
09-05-2017 - 08:36 18-04-2017 - 15:59
CVE-2017-7943 4.3
The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
09-05-2017 - 08:36 18-04-2017 - 15:59
CVE-2017-5031 6.8
A use after free in ANGLE in Google Chrome prior to 57.0.2987.98 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
08-05-2017 - 21:29 24-04-2017 - 19:59
CVE-2017-8345 4.3
In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
08-05-2017 - 15:32 30-04-2017 - 13:59
CVE-2017-8344 4.3
In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows attackers to cause a denial of service (memory leak) via a crafted file.
08-05-2017 - 15:32 30-04-2017 - 13:59
CVE-2017-8343 4.3
In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows attackers to cause a denial of service (memory leak) via a crafted file.
08-05-2017 - 15:31 30-04-2017 - 13:59
CVE-2017-8831 7.2
The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain se
08-05-2017 - 02:29 08-05-2017 - 02:29
CVE-2017-8830 4.3
In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file.
08-05-2017 - 02:29 08-05-2017 - 02:29
CVE-2017-8829 6.8
Deserialization vulnerability in lintian through 2.5.50.3 allows attackers to trigger code execution by requesting a review of a source package with a crafted YAML file.
08-05-2017 - 02:29 08-05-2017 - 02:29
CVE-2017-5661 7.9
In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable applic
05-05-2017 - 21:29 18-04-2017 - 10:59
CVE-2017-3732 4.3
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be
05-05-2017 - 21:29 04-05-2017 - 15:29
CVE-2017-3731 5.0
If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can
05-05-2017 - 21:29 04-05-2017 - 15:29
CVE-2016-7055 2.6
There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA
05-05-2017 - 21:29 04-05-2017 - 16:29
CVE-2014-9654 7.5
The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which
05-05-2017 - 13:59 24-04-2017 - 02:59
CVE-2017-8365 4.3
The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.
05-05-2017 - 13:38 30-04-2017 - 15:59
CVE-2017-8363 4.3
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.
05-05-2017 - 13:38 30-04-2017 - 15:59
CVE-2017-8362 4.3
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file.
05-05-2017 - 13:19 30-04-2017 - 15:59
CVE-2017-8361 4.3
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.
05-05-2017 - 13:19 30-04-2017 - 15:59
CVE-2017-7477 6.9
Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in con
05-05-2017 - 09:20 25-04-2017 - 10:59
CVE-2017-8112 4.9
hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count.
04-05-2017 - 21:29 02-05-2017 - 10:59
CVE-2017-7718 2.1
hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and
04-05-2017 - 21:29 20-04-2017 - 13:59
CVE-2014-9680 2.1
sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access (but not view file contents) by running a program within an sudo session, as demo
04-05-2017 - 17:09 24-04-2017 - 02:59
CVE-2017-3539 2.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthen
04-05-2017 - 14:01 24-04-2017 - 15:59
CVE-2017-3544 4.3
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit
04-05-2017 - 14:01 24-04-2017 - 15:59
CVE-2017-3526 7.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulne
04-05-2017 - 13:49 24-04-2017 - 15:59
CVE-2017-3511 3.7
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability
04-05-2017 - 13:46 24-04-2017 - 15:59
CVE-2017-3509 4.0
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauth
04-05-2017 - 13:44 24-04-2017 - 15:59
CVE-2017-3533 4.3
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit
04-05-2017 - 11:55 24-04-2017 - 15:59
CVE-2017-3458 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple
04-05-2017 - 09:43 24-04-2017 - 15:59
CVE-2017-3450 5.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker with
04-05-2017 - 09:42 24-04-2017 - 15:59
CVE-2017-3331 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). The supported version that is affected is 5.7.11 to 5.7.17. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple pr
04-05-2017 - 09:40 24-04-2017 - 15:59
CVE-2017-3329 5.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unau
04-05-2017 - 09:39 24-04-2017 - 15:59
CVE-2017-3305 6.3
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with netw
04-05-2017 - 09:06 24-04-2017 - 15:59
CVE-2017-8765 7.1
The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file.
04-05-2017 - 00:59 04-05-2017 - 00:59
CVE-2017-3309 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privi
03-05-2017 - 12:16 24-04-2017 - 15:59
CVE-2017-3453 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privi
03-05-2017 - 12:15 24-04-2017 - 15:59
CVE-2017-3454 5.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multip
03-05-2017 - 12:15 24-04-2017 - 15:59
CVE-2017-3468 3.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network acce
03-05-2017 - 11:14 24-04-2017 - 15:59
CVE-2017-3467 4.3
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl
03-05-2017 - 11:14 24-04-2017 - 15:59
CVE-2017-3465 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network acce
03-05-2017 - 11:14 24-04-2017 - 15:59
CVE-2017-3462 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allow
03-05-2017 - 11:13 24-04-2017 - 15:59
CVE-2017-3461 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allow
03-05-2017 - 11:13 24-04-2017 - 15:59
CVE-2017-3460 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via
03-05-2017 - 11:13 24-04-2017 - 15:59
CVE-2017-3459 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via mul
03-05-2017 - 11:13 24-04-2017 - 15:59
CVE-2017-3457 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple
03-05-2017 - 11:13 24-04-2017 - 15:59
CVE-2017-3456 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged
03-05-2017 - 11:12 24-04-2017 - 15:59
CVE-2017-3455 5.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network acce
03-05-2017 - 11:12 24-04-2017 - 15:59
CVE-2017-3308 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged
03-05-2017 - 11:11 24-04-2017 - 15:59
CVE-2017-3464 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged
03-05-2017 - 07:45 24-04-2017 - 15:59
CVE-2017-3599 7.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker
02-05-2017 - 21:59 24-04-2017 - 15:59
CVE-2017-3463 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allow
02-05-2017 - 17:11 24-04-2017 - 15:59
CVE-2016-10243 7.5
TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file.
02-05-2017 - 10:59 02-05-2017 - 10:59
CVE-2017-3600 6.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privi
02-05-2017 - 09:56 24-04-2017 - 15:59
CVE-2016-10124 5.0
An issue was discovered in Linux Containers (LXC) before 2016-02-22. When executing a program via lxc-attach, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowin
01-05-2017 - 21:59 09-01-2017 - 03:59
CVE-2016-8649 9.0
lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls.
01-05-2017 - 02:59 01-05-2017 - 02:59
CVE-2017-7645 7.8
The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.
28-04-2017 - 21:59 18-04-2017 - 10:59
CVE-2017-5029 6.8
The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which a
28-04-2017 - 14:16 24-04-2017 - 19:59
CVE-2017-5033 4.3
Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a craft
28-04-2017 - 14:10 24-04-2017 - 19:59
CVE-2017-5035 6.8
Google Chrome prior to 57.0.2987.98 for Windows and Mac had a race condition, which could cause Chrome to display incorrect certificate information for a site.
28-04-2017 - 14:05 24-04-2017 - 19:59
CVE-2017-5044 6.8
Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
28-04-2017 - 14:04 24-04-2017 - 19:59
CVE-2017-5030 6.8
Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page.
28-04-2017 - 13:57 24-04-2017 - 19:59
CVE-2017-5040 4.3
V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android was missing a neutering check, which allowed a remote attacker to read values in memory via a crafted HTML page.
28-04-2017 - 13:52 24-04-2017 - 19:59
CVE-2017-5045 4.3
XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a crafted HTML page.
28-04-2017 - 13:51 24-04-2017 - 19:59
CVE-2017-8105 7.5
FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.
28-04-2017 - 13:50 24-04-2017 - 14:59
CVE-2017-5037 6.8
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.
28-04-2017 - 13:41 24-04-2017 - 19:59
CVE-2017-5046 4.3
V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related to Blink informatio
28-04-2017 - 13:16 24-04-2017 - 19:59
CVE-2017-5041 4.3
Google Chrome prior to 57.0.2987.100 incorrectly handled back-forward navigation, which allowed a remote attacker to display incorrect information for a site via a crafted HTML page.
28-04-2017 - 13:10 24-04-2017 - 19:59
CVE-2017-8064 7.2
drivers/media/usb/dvb-usb-v2/dvb_usb_core.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or poss
28-04-2017 - 12:35 23-04-2017 - 01:59
CVE-2017-8067 7.2
drivers/char/virtio_console.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unsp
27-04-2017 - 15:05 23-04-2017 - 01:59
CVE-2017-8063 7.2
drivers/media/usb/dvb-usb/cxusb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash) or possibly have unspecified other imp
27-04-2017 - 13:02 23-04-2017 - 01:59
CVE-2017-7979 7.2
The cookie feature in the packet action API implementation in net/sched/act_api.c in the Linux kernel 4.11.x through 4.11-rc7 mishandles the tb nlattr array, which allows local users to cause a denial of service (uninitialized memory access and refco
25-04-2017 - 21:59 19-04-2017 - 19:59
CVE-2017-5437
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10195, CVE-2016-10196, CVE-2016-10197. Reason: This candidate is a duplicate of CVE-2016-10195, CVE-2016-10196, and CVE-2016-10197. Notes: All CVE users should reference CVE-2016
25-04-2017 - 17:59 25-04-2017 - 17:59
CVE-2017-7982 4.3
Integer overflow in the plist_from_bin function in bplist.c in libimobiledevice/libplist before 2017-04-19 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted plist file.
25-04-2017 - 14:55 20-04-2017 - 10:59
CVE-2016-6489 5.0
The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.
25-04-2017 - 13:38 14-04-2017 - 14:59
CVE-2017-3302 5.0
Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.
25-04-2017 - 12:20 11-02-2017 - 23:59
CVE-2017-5662 7.9
In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable ap
25-04-2017 - 11:06 18-04-2017 - 10:59
CVE-2017-7867 5.0
International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.
25-04-2017 - 11:05 14-04-2017 - 00:59
CVE-2017-7868 5.0
International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.
25-04-2017 - 11:05 14-04-2017 - 00:59
CVE-2015-4646 5.0
(1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch allow remote attackers to cause a denial of service (application crash) via a crafted input.
25-04-2017 - 09:23 13-04-2017 - 13:59
CVE-2017-7869 5.0
GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is
25-04-2017 - 09:23 14-04-2017 - 00:59
CVE-2017-7975 6.8
Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to a denial of service (applicat
24-04-2017 - 20:44 19-04-2017 - 12:59
CVE-2017-7976 5.8
Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (application crash) or disclosure
24-04-2017 - 20:43 19-04-2017 - 13:59
CVE-2017-7885 5.8
Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow in the jbig2_decode_symbol_dict function in jbig2_symb
24-04-2017 - 20:42 16-04-2017 - 20:59
CVE-2016-7032 6.9
sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function.
24-04-2017 - 20:29 14-04-2017 - 14:59
CVE-2015-4645 4.3
Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow.
24-04-2017 - 10:55 17-03-2017 - 10:59
CVE-2014-7926 7.5
The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspe
23-04-2017 - 21:59 22-01-2015 - 17:59
CVE-2014-7923 7.5
The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspe
23-04-2017 - 21:59 22-01-2015 - 17:59
CVE-2017-7889 7.2
The mm subsystem in the Linux kernel through 4.10.10 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation acces
21-04-2017 - 13:40 16-04-2017 - 20:59
CVE-2016-8602 6.8
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty o
21-04-2017 - 12:03 14-04-2017 - 14:59
CVE-2017-5648 6.4
While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object. When running an untrus
21-04-2017 - 10:20 17-04-2017 - 12:59
CVE-2017-5647 5.0
A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lost when send file pr
21-04-2017 - 09:59 17-04-2017 - 12:59
CVE-2016-10327 7.5
LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx.
20-04-2017 - 14:11 14-04-2017 - 00:59
CVE-2017-7870 7.5
LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx.
20-04-2017 - 14:11 14-04-2017 - 00:59
CVE-2016-0727 7.2
The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users wi
20-04-2017 - 12:34 14-04-2017 - 14:59
CVE-2016-10328 7.5
FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.
20-04-2017 - 12:18 14-04-2017 - 00:59
CVE-2017-7742 4.3
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-
20-04-2017 - 10:32 12-04-2017 - 14:59
CVE-2017-5936 5.0
OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions.
20-04-2017 - 10:22 12-04-2017 - 18:59
CVE-2017-7741 4.3
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017
20-04-2017 - 09:45 12-04-2017 - 14:59
CVE-2015-8271 7.5
The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arbitrary code.
20-04-2017 - 09:26 13-04-2017 - 10:59
CVE-2015-8270 5.0
The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to cause a denial of service (invalid pointer dereference and process crash).
20-04-2017 - 09:19 13-04-2017 - 10:59
CVE-2015-8272 4.3
RTMPDump 2.4 allows remote attackers to trigger a denial of service (NULL pointer dereference and process crash).
19-04-2017 - 15:36 13-04-2017 - 10:59
CVE-2016-10149 5.0
XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier allows remote attackers to read arbitrary files via a crafted SAML XML request or response.
18-04-2017 - 21:59 24-03-2017 - 10:59
CVE-2017-0160 7.2
Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allows an attacker with access to the local system to execute malicious code, aka ".NET Remote Code Execution Vulnerability."
18-04-2017 - 10:07 12-04-2017 - 10:59
CVE-2016-1908 7.5
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding
17-04-2017 - 15:09 11-04-2017 - 14:59
CVE-2014-8355 4.3
PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
17-04-2017 - 14:18 11-04-2017 - 15:59
CVE-2017-7377 2.1
The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid.
17-04-2017 - 09:28 10-04-2017 - 11:59
CVE-2015-8504 3.5
Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.
17-04-2017 - 08:55 11-04-2017 - 15:59
CVE-2017-7619 5.0
In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and
14-04-2017 - 21:09 10-04-2017 - 10:59
CVE-2017-7618 7.8
crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue.
14-04-2017 - 21:08 10-04-2017 - 10:59
CVE-2017-7616 2.1
Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap op
14-04-2017 - 13:06 10-04-2017 - 10:59
CVE-2016-8735 7.5
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because
12-04-2017 - 16:42 06-04-2017 - 17:59
CVE-2017-0553 7.6
An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because it first requires compromising a privileged process
12-04-2017 - 10:14 07-04-2017 - 18:59
CVE-2017-7586 4.3
In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
11-04-2017 - 21:59 07-04-2017 - 16:59
CVE-2017-7228 7.2
An issue (known as XSA-212) was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. The earlier XSA-29 fix introduced an insufficient check on XENMEM_exchange input, allowing the caller to drive hypervisor memory access
11-04-2017 - 21:59 04-04-2017 - 10:59
CVE-2017-2476 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
11-04-2017 - 21:59 01-04-2017 - 21:59
CVE-2017-2471 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. watchOS before 3.2 is affected. The issue involves the "WebKit" component. A use-after-free vulnerability allows remote attackers to execu
11-04-2017 - 21:59 01-04-2017 - 21:59
CVE-2017-2466 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
11-04-2017 - 21:59 01-04-2017 - 21:59
CVE-2017-2460 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
11-04-2017 - 21:59 01-04-2017 - 21:59
CVE-2017-2459 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
11-04-2017 - 21:59 01-04-2017 - 21:59
CVE-2017-2455 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
11-04-2017 - 21:59 01-04-2017 - 21:59
CVE-2017-2454 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
11-04-2017 - 21:59 01-04-2017 - 21:59
CVE-2017-7234 5.8
A maliciously crafted URL to a Django (1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18) site using the ``django.views.static.serve()`` view could redirect to any other domain, aka an open redirect vulnerability.
11-04-2017 - 15:09 04-04-2017 - 13:59
CVE-2017-7233 5.8
Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an "on success" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some nu
11-04-2017 - 15:08 04-04-2017 - 13:59
CVE-2017-2671 4.9
The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (pani
11-04-2017 - 15:05 05-04-2017 - 02:59
CVE-2017-7358 6.9
In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out.
11-04-2017 - 13:33 05-04-2017 - 02:59
CVE-2017-7585 4.3
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
10-04-2017 - 18:36 07-04-2017 - 16:59
CVE-2016-10220 4.3
The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file that is mishandled in the PDF T
10-04-2017 - 18:28 03-04-2017 - 01:59
CVE-2016-10217 4.3
The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file that is mishandled in the color management module.
10-04-2017 - 12:27 03-04-2017 - 01:59
CVE-2017-5951 4.3
The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
10-04-2017 - 10:47 03-04-2017 - 01:59
CVE-2016-10219 4.3
The intersect function in base/gxfill.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.
10-04-2017 - 10:27 03-04-2017 - 01:59
CVE-2016-7097 3.6
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permission
07-04-2017 - 21:59 16-10-2016 - 17:59
CVE-2016-2339 7.5
An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is made based on args array length. Specially construct
07-04-2017 - 21:59 06-01-2017 - 16:59
CVE-2017-6964 7.2
dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the (1) setuid or (2) setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged use
07-04-2017 - 15:30 27-03-2017 - 21:59
CVE-2017-2442 4.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit JavaScript Bindings" component. It allows remote attackers to bypass the Same Origin Policy and obtain sens
07-04-2017 - 14:42 01-04-2017 - 21:59
CVE-2017-2386 4.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and o
07-04-2017 - 13:52 01-04-2017 - 21:59
CVE-2017-2394 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
07-04-2017 - 13:15 01-04-2017 - 21:59
CVE-2017-2395 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
07-04-2017 - 13:05 01-04-2017 - 21:59
CVE-2017-2415 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to exe
07-04-2017 - 09:55 01-04-2017 - 21:59
CVE-2017-2433 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corru
06-04-2017 - 15:34 01-04-2017 - 21:59
CVE-2017-2457 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corru
06-04-2017 - 15:33 01-04-2017 - 21:59
CVE-2017-2376 5.0
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar by leveraging text input during the loading
06-04-2017 - 15:33 01-04-2017 - 21:59
CVE-2017-2445 4.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attack
06-04-2017 - 15:08 01-04-2017 - 21:59
CVE-2017-2367 4.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and o
06-04-2017 - 15:08 01-04-2017 - 21:59
CVE-2017-2405 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows remote attackers to execute arbitrary code or cause a denial of service
06-04-2017 - 14:59 01-04-2017 - 21:59
CVE-2017-2396 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
06-04-2017 - 14:59 01-04-2017 - 21:59
CVE-2017-2392 6.8
An issue was discovered in certain Apple products. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
06-04-2017 - 14:58 01-04-2017 - 21:59
CVE-2017-2464 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
06-04-2017 - 14:46 01-04-2017 - 21:59
CVE-2017-2469 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
06-04-2017 - 14:45 01-04-2017 - 21:59
CVE-2017-2468 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
06-04-2017 - 14:45 01-04-2017 - 21:59
CVE-2017-2465 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
06-04-2017 - 14:45 01-04-2017 - 21:59
CVE-2017-2447 5.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information or cau
06-04-2017 - 14:43 01-04-2017 - 21:59
CVE-2017-2446 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafte
06-04-2017 - 14:43 01-04-2017 - 21:59
CVE-2017-2470 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
06-04-2017 - 14:21 01-04-2017 - 21:59
CVE-2017-2481 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
06-04-2017 - 14:19 01-04-2017 - 21:59
CVE-2017-2419 5.0
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass a Content Security Policy protection mechanism via unspeci
06-04-2017 - 14:13 01-04-2017 - 21:59
CVE-2017-2475 4.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attack
06-04-2017 - 12:39 01-04-2017 - 21:59
CVE-2017-2377 5.0
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows attackers to cause a denial of service (memory corruption and applicati
06-04-2017 - 12:22 01-04-2017 - 21:59
CVE-2017-7374 7.2
Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryptio
05-04-2017 - 10:19 31-03-2017 - 16:59
CVE-2014-9114 7.2
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code.
05-04-2017 - 07:45 31-03-2017 - 12:59
CVE-2015-4556 5.0
The string-translate* procedure in the data-structures unit in CHICKEN before 4.10.0 allows remote attackers to cause a denial of service (crash).
04-04-2017 - 21:59 29-03-2017 - 10:59
CVE-2017-7346 4.9
The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call
04-04-2017 - 12:01 30-03-2017 - 19:59
CVE-2016-9243 5.0
HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size.
04-04-2017 - 12:00 27-03-2017 - 13:59
CVE-2009-5147 7.5
DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.1 before 2.1.8 opens libraries with tainted names.
04-04-2017 - 11:08 29-03-2017 - 10:59
CVE-2017-7273 4.6
The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report.
03-04-2017 - 10:07 27-03-2017 - 13:59
CVE-2017-6507 4.3
An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were in
31-03-2017 - 21:59 24-03-2017 - 03:59
CVE-2016-9774 7.2
The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u8 on Debian wheezy, before 7.0.56-3+deb8u6 on Debi
31-03-2017 - 16:31 23-03-2017 - 12:59
CVE-2016-9775 7.2
The postrm script in the tomcat6 package before 6.0.45+dfsg-1~deb7u3 on Debian wheezy, before 6.0.45+dfsg-1~deb8u1 on Debian jessie, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u7 on D
31-03-2017 - 16:25 23-03-2017 - 12:59
CVE-2017-7294 7.2
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, an
31-03-2017 - 14:14 28-03-2017 - 22:59
CVE-2017-7277 6.6
The TCP stack in the Linux kernel through 4.10.6 mishandles the SCM_TIMESTAMPING_OPT_STATS feature, which allows local users to obtain sensitive information from the kernel's internal socket data structures or cause a denial of service (out-of-bounds
31-03-2017 - 13:02 28-03-2017 - 02:59
CVE-2017-5973 2.1
The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.
31-03-2017 - 07:24 27-03-2017 - 11:59
CVE-2017-5985 2.1
lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check.
30-03-2017 - 10:30 14-03-2017 - 13:59
CVE-2017-7184 7.2
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-b
29-03-2017 - 21:59 19-03-2017 - 14:59
CVE-2017-7261 4.9
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereferen
28-03-2017 - 21:59 24-03-2017 - 17:59
CVE-2017-5897 7.5
The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.
28-03-2017 - 11:47 23-03-2017 - 12:59
CVE-2017-6369 6.5
Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 and 3.0.x before 3.0.2 allow remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so.
28-03-2017 - 10:46 24-03-2017 - 06:59
CVE-2016-7797 5.0
Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.
28-03-2017 - 10:14 24-03-2017 - 11:59
CVE-2017-5336 7.5
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.
27-03-2017 - 15:26 24-03-2017 - 11:59
CVE-2017-5335 5.0
The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate.
27-03-2017 - 15:26 24-03-2017 - 11:59
CVE-2017-5334 7.5
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Cert
27-03-2017 - 15:24 24-03-2017 - 11:59
CVE-2017-5337 7.5
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.
27-03-2017 - 15:19 24-03-2017 - 11:59
CVE-2017-5507 7.8
Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.
27-03-2017 - 15:18 24-03-2017 - 11:59
CVE-2017-5506 6.8
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
27-03-2017 - 15:17 24-03-2017 - 11:59
CVE-2017-5508 4.3
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.
27-03-2017 - 15:17 24-03-2017 - 11:59
CVE-2017-5510 6.8
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
27-03-2017 - 15:13 24-03-2017 - 11:59
CVE-2017-5511 7.5
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.
27-03-2017 - 15:12 24-03-2017 - 11:59
CVE-2016-10146 7.8
Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
27-03-2017 - 11:14 24-03-2017 - 11:59
CVE-2016-10145<