Max CVSS 10.0 Min CVSS 1.9 Total Count97
IDCVSSSummaryLast (major) updatePublished
CVE-2017-3143 4.3
An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. A
16-01-2019 - 15:29 16-01-2019 - 15:29
CVE-2017-3142 4.3
An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server tha
16-01-2019 - 15:29 16-01-2019 - 15:29
CVE-2017-2629 4.0
curl before 7.53.0 has an incorrect TLS Certificate Status Request extension feature that asks for a fresh proof of the server's certificate's validity in the code that checks for a test success or failure. It ends up always thinking there's valid pr
27-07-2018 - 15:29 27-07-2018 - 15:29
CVE-2017-2624 1.9
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations ret
27-07-2018 - 14:29 27-07-2018 - 14:29
CVE-2017-7468 5.0
In curl and libcurl 7.52.0 to and including 7.53.1, libcurl would attempt to resume a TLS session even if the client certificate had changed. That is unacceptable since a server by specification is allowed to skip the client certificate check on resu
16-07-2018 - 09:29 16-07-2018 - 09:29
CVE-2016-9594 6.8
curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal function that returns a good 32bit random value. Having a weak or virtually non-existent random value makes the operations that use it vulnerable.
23-04-2018 - 15:29 23-04-2018 - 15:29
CVE-2016-9586 6.8
curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary
23-04-2018 - 14:29 23-04-2018 - 14:29
CVE-2017-7069 9.3
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to ex
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7068 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libarchive" component. It allows remote atta
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7067 4.3
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7064 4.3
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7062 7.5
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Contacts" component. A buffer overflow allow
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7061 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7056 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7055 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7054 7.9
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption)
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7053 9.3
An issue was discovered in certain Apple products. iTunes before 12.6.2 on Windows is affected. The issue involves the "iTunes" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app.
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7052 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7051 7.9
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption)
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7050 7.9
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption)
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7049 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7048 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7047 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libxpc" component. It allows attackers to ex
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7046 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7045 4.3
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7044 9.3
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7043 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7042 9.3
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7041 9.3
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7040 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7039 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7037 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7036 4.3
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7035 9.3
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7034 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7033 6.8
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "afclip" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7032 9.3
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "kext tools" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption)
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7031 6.8
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Foundation" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application c
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7030 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7029 4.3
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to by
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7028 4.3
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to by
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7027 9.3
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to ex
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7026 9.3
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to ex
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7025 9.3
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to ex
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7024 9.3
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to ex
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7023 9.3
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to ex
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7022 9.3
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to ex
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7021 9.3
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "AppleGraphicsPowerManagement" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7020 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7019 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7018 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7017 9.3
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7016 6.8
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "afclip" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7015 6.8
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Audio" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corrupt
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7014 9.3
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7013 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. watchOS befor
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7012 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit Web Inspector"
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7010 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7009 9.3
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "IOUSBFamily" component. It allows attackers
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-7008 6.8
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. The issue involves the "CoreAudio" component. It allows remote attackers to execute arbitrary code or
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-11478 7.1
The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.
20-07-2017 - 12:29 20-07-2017 - 12:29
CVE-2017-9765 6.8
Integer overflow in the soap_get function in Genivia gSOAP 2.7.x and 2.8.x before 2.8.48, as used on Axis cameras and other devices, allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and appli
19-07-2017 - 20:29 19-07-2017 - 20:29
CVE-2017-11450 6.8
coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.
19-07-2017 - 03:29 19-07-2017 - 03:29
CVE-2017-11449 6.8
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image rec
19-07-2017 - 03:29 19-07-2017 - 03:29
CVE-2017-11448 4.3
The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.
19-07-2017 - 03:29 19-07-2017 - 03:29
CVE-2017-11447 4.3
The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service.
19-07-2017 - 03:29 19-07-2017 - 03:29
CVE-2017-11360 4.3
The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability via a crafted rle file that triggers a huge number_pixels value.
17-07-2017 - 09:18 17-07-2017 - 09:18
CVE-2017-11352 4.3
In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144.
17-07-2017 - 09:18 17-07-2017 - 09:18
CVE-2017-11188 7.8
The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check.
12-07-2017 - 11:29 12-07-2017 - 11:29
CVE-2017-11170 6.8
The ReadTGAImage function in coders\tga.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via invalid colors data in the header of a TGA or VST file.
11-07-2017 - 16:29 11-07-2017 - 16:29
CVE-2017-11141 7.1
The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call.
09-07-2017 - 23:29 09-07-2017 - 23:29
CVE-2017-11110 6.8
The ole_init function in ole.c in catdoc 0.95 allows remote attackers to cause a denial of service (heap-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted file, i.e., data is written to memory addre
08-07-2017 - 13:29 08-07-2017 - 13:29
CVE-2017-11108 5.0
tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree
08-07-2017 - 13:29 08-07-2017 - 13:29
CVE-2017-1000381 5.0
The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way.
07-07-2017 - 13:29 07-07-2017 - 13:29
CVE-2017-10972 4.0
Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server before 2017-06-19 allowed authenticated malicious users to access potentially privileged data from the X server.
06-07-2017 - 07:29 06-07-2017 - 07:29
CVE-2017-10971 6.5
In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events.
06-07-2017 - 07:29 06-07-2017 - 07:29
CVE-2017-10928 6.8
In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mis
05-07-2017 - 07:29 05-07-2017 - 07:29
CVE-2017-10790 5.0
The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service
01-07-2017 - 23:29 01-07-2017 - 23:29
CVE-2017-1000364 6.2
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the
19-06-2017 - 12:29 19-06-2017 - 12:29
CVE-2017-1000380 2.1
sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed
17-06-2017 - 14:29 17-06-2017 - 14:29
CVE-2017-9605 4.9
The vmw_gb_surface_define_ioctl function (accessible via DRM_IOCTL_VMW_GB_SURFACE_CREATE) in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.11.4 defines a backup_handle variable but does not give it an initial value. If one att
13-06-2017 - 15:29 13-06-2017 - 15:29
CVE-2017-9501 4.3
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file.
07-06-2017 - 10:29 07-06-2017 - 10:29
CVE-2017-9440 4.3
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file.
05-06-2017 - 14:29 05-06-2017 - 14:29
CVE-2017-9439 4.3
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file.
05-06-2017 - 14:29 05-06-2017 - 14:29
CVE-2017-9417 7.5
Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue.
04-06-2017 - 17:29 04-06-2017 - 17:29
CVE-2017-9409 4.3
In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file.
02-06-2017 - 15:29 02-06-2017 - 15:29
CVE-2017-9407 4.3
In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
02-06-2017 - 15:29 02-06-2017 - 15:29
CVE-2017-9405 4.3
In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file.
02-06-2017 - 15:29 02-06-2017 - 15:29
CVE-2017-9262 4.3
In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
29-05-2017 - 00:29 29-05-2017 - 00:29
CVE-2017-9261 4.3
In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
29-05-2017 - 00:29 29-05-2017 - 00:29
CVE-2017-9150 2.1
The do_check function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allows local users to obtain sensitive address informa
22-05-2017 - 18:29 22-05-2017 - 18:29
CVE-2017-7895 10.0
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted reque
11-05-2017 - 10:19 28-04-2017 - 06:59
CVE-2017-7346 4.9
The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call
04-04-2017 - 12:01 30-03-2017 - 19:59
CVE-2015-4731 10.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
23-12-2016 - 21:59 16-07-2015 - 07:00
CVE-2015-8944 4.3
The ioresources_init function in kernel/resource.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices, uses weak permissions for /proc/iomem, which allows local users to obtain sensitive information
28-11-2016 - 14:50 06-08-2016 - 06:59
CVE-2014-9900 4.3
The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure, which allows local users to obtain sensitive infor
28-11-2016 - 14:15 06-08-2016 - 06:59
CVE-2015-1338 7.2
kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.
02-10-2015 - 16:48 01-10-2015 - 16:59
Back to Top Mark selected
Back to Top