Total
11936 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9103 | 3 Fedoraproject, Gnu, Opensuse | 3 Fedora, Adns, Leap | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in adns before 1.5.2. pap_mailbox822 does not properly check st from adns__findlabel_next. Without this, an uninitialised stack value can be used as the first label length. Depending on the circumstances, an attacker might be able to trick adns into crashing the calling program, leaking aspects of the contents of some of its memory, causing it to allocate lots of memory, or perhaps overrunning a buffer. This is only possible with applications which make non-raw queries for SOA or RP records. | |||||
| CVE-2017-9048 | 1 Xmlsoft | 1 Libxml2 | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash. | |||||
| CVE-2017-9047 | 1 Xmlsoft | 1 Libxml2 | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. The variable len is assigned strlen(buf). If the content->type is XML_ELEMENT_CONTENT_ELEMENT, then (i) the content->prefix is appended to buf (if it actually fits) whereupon (ii) content->name is written to the buffer. However, the check for whether the content->name actually fits also uses 'len' rather than the updated buffer length strlen(buf). This allows us to write about "size" many bytes beyond the allocated memory. This vulnerability causes programs that use libxml2, such as PHP, to crash. | |||||
| CVE-2017-8311 | 1 Videolan | 1 Vlc Media Player | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file. | |||||
| CVE-2017-8073 | 2 Debian, Weechat | 2 Debian Linux, Weechat | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function during quote removal, with a buffer overflow. | |||||
| CVE-2017-7679 | 1 Apache | 1 Http Server | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header. | |||||
| CVE-2017-7269 | 1 Microsoft | 2 Internet Information Server, Windows Server 2003 | 2023-11-07 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016. | |||||
| CVE-2017-6862 | 1 Netgear | 6 Wnr2000v3, Wnr2000v3 Firmware, Wnr2000v4 and 3 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261. | |||||
| CVE-2017-6542 | 3 Opensuse, Opensuse Project, Putty | 3 Leap, Leap, Putty | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow. | |||||
| CVE-2017-6458 | 4 Apple, Hpe, Ntp and 1 more | 5 Mac Os X, Hpux-ntp, Ntp and 2 more | 2023-11-07 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable. | |||||
| CVE-2017-6300 | 2 Debian, Ytnef Project | 2 Debian Linux, Ytnef | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h." | |||||
| CVE-2017-5486 | 1 Tcpdump | 1 Tcpdump | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). | |||||
| CVE-2017-5485 | 1 Tcpdump | 1 Tcpdump | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap(). | |||||
| CVE-2017-5484 | 1 Tcpdump | 1 Tcpdump | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print(). | |||||
| CVE-2017-5483 | 1 Tcpdump | 1 Tcpdump | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse(). | |||||
| CVE-2017-5482 | 1 Tcpdump | 1 Tcpdump | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575. | |||||
| CVE-2017-5342 | 1 Tcpdump | 1 Tcpdump | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print(). | |||||
| CVE-2017-5341 | 1 Tcpdump | 1 Tcpdump | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print(). | |||||
| CVE-2017-5205 | 3 Debian, Redhat, Tcpdump | 8 Debian Linux, Enterprise Linux Desktop, Enterprise Linux Server and 5 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print(). | |||||
| CVE-2017-5204 | 3 Debian, Redhat, Tcpdump | 8 Debian Linux, Enterprise Linux Desktop, Enterprise Linux Server and 5 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print(). | |||||