Max CVSS 7.5 Min CVSS 4.0 Total Count23
IDCVSSSummaryLast (major) updatePublished
CVE-2017-6451 4.6
The mx4200_send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, whic
30-03-2017 - 10:32 27-03-2017 - 13:59
CVE-2017-6455 4.4
NTP before 4.2.8p10 and 4.3.x before 4.3.94, when using PPSAPI, allows local users to gain privileges via a DLL in the PPSAPI_DLLS environment variable.
30-03-2017 - 10:17 27-03-2017 - 13:59
CVE-2017-6458 6.5
Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable.
30-03-2017 - 10:10 27-03-2017 - 13:59
CVE-2017-6462 4.6
Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device.
29-03-2017 - 14:31 27-03-2017 - 13:59
CVE-2017-6460 6.5
Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response.
29-03-2017 - 14:24 27-03-2017 - 13:59
CVE-2017-6464 4.0
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed mode configuration directive.
29-03-2017 - 14:14 27-03-2017 - 13:59
CVE-2017-6463 4.0
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a :config directive, related to the unpeer option.
29-03-2017 - 14:14 27-03-2017 - 13:59
CVE-2017-6452 4.6
Stack-based buffer overflow in the Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via an application path on the command line.
29-03-2017 - 13:03 27-03-2017 - 13:59
CVE-2017-6969 6.4
readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well.
27-03-2017 - 21:59 17-03-2017 - 05:59
CVE-2014-9939 7.5
ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects.
22-03-2017 - 15:12 21-03-2017 - 02:59
CVE-2016-8688 4.3
The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2)
17-02-2017 - 11:59 15-02-2017 - 14:59
CVE-2016-8687 5.0
Stack-based buffer overflow in the safe_fprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename.
17-02-2017 - 11:58 15-02-2017 - 14:59
CVE-2016-8689 5.0
The read_Header function in archive_read_support_format_7zip.c in libarchive 3.2.1 allows remote attackers to cause a denial of service (out-of-bounds read) via multiple EmptyStream attributes in a header in a 7zip archive.
17-02-2017 - 08:54 15-02-2017 - 14:59
CVE-2017-5601 5.0
An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive.
07-02-2017 - 11:59 27-01-2017 - 17:59
CVE-2016-5844 4.3
Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.
05-01-2017 - 15:03 21-09-2016 - 10:25
CVE-2016-6250 7.5
Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, wh
05-01-2017 - 15:00 21-09-2016 - 10:25
CVE-2016-4301 6.8
Stack-based buffer overflow in the parse_device function in archive_read_support_format_mtree.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a crafted mtree file.
04-01-2017 - 21:59 21-09-2016 - 10:25
CVE-2016-4300 6.8
Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which triggers a heap-based buf
21-12-2016 - 22:00 21-09-2016 - 10:25
CVE-2016-5418 5.0
The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.
28-11-2016 - 15:25 21-09-2016 - 10:25
CVE-2015-8933 4.3
Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file.
28-11-2016 - 14:50 20-09-2016 - 10:15
CVE-2016-4302 6.8
Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.
06-10-2016 - 21:59 21-09-2016 - 10:25
CVE-2016-4809 5.0
The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.
28-09-2016 - 11:50 21-09-2016 - 10:25
CVE-2016-7166 4.3
libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.
28-09-2016 - 11:24 21-09-2016 - 10:25
Back to Top Mark selected
Back to Top