Search
Total
4471 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9935 | 3 Canonical, Debian, Libtiff | 3 Ubuntu Linux, Debian Linux, Libtiff | 2019-10-03 | 6.8 MEDIUM | 8.8 HIGH |
| In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_free, memory corruption in t2p_readwrite_pdf_image, or a double free in t2p_free. Given these possibilities, it probably could cause arbitrary code execution. | |||||
| CVE-2017-13041 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print(). | |||||
| CVE-2017-9870 | 1 Lame Project | 1 Lame | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The III_i_stereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file that is mishandled in the code for the "block_type == 2" case, a similar issue to CVE-2017-11126. | |||||
| CVE-2017-9869 | 1 Lame Project | 1 Lame | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The II_step_one function in layer2.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file. | |||||
| CVE-2017-9865 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted PDF document, related to missing color-map validation in ImageOutputDev.cc. | |||||
| CVE-2017-13040 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions. | |||||
| CVE-2017-9847 | 1 Libtorrent | 1 Libtorrent | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The bdecode function in bdecode.cpp in libtorrent 1.1.3 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | |||||
| CVE-2017-13039 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions. | |||||
| CVE-2017-13038 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp(). | |||||
| CVE-2017-13037 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts(). | |||||
| CVE-2017-9740 | 1 Artifex | 1 Ghostscript Ghostxps | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| The xps_decode_font_char_imp function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2017-9739 | 2 Artifex, Debian | 2 Ghostscript Ghostxps, Debian Linux | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| The Ins_JMPR function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2017-13036 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3(). | |||||
| CVE-2017-9727 | 2 Artifex, Debian | 2 Ghostscript Ghostxps, Debian Linux | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2017-9726 | 2 Artifex, Debian | 2 Ghostscript Ghostxps, Debian Linux | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2017-13035 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id(). | |||||
| CVE-2017-9717 | 1 Google | 1 Android | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing Netlink attributes, a buffer overread can occur. | |||||
| CVE-2017-13033 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print(). | |||||
| CVE-2017-9715 | 1 Google | 1 Android | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a vendor command, a buffer over-read can occur. | |||||
| CVE-2017-9712 | 1 Google | 1 Android | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, if userspace provides a too-large IE length in wlan_hdd_cfg80211_set_ie, a buffer over-read occurs. | |||||
| CVE-2017-13034 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). | |||||
| CVE-2017-9620 | 1 Artifex | 1 Ghostscript Ghostxps | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| The xps_select_font_encoding function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document, related to the xps_encode_font_char_imp function. | |||||
| CVE-2017-9610 | 1 Artifex | 1 Ghostscript Ghostxps | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2017-9545 | 1 Mpg123 | 1 Mpg123 | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service (buffer over-read) via a crafted mp3 file. | |||||
| CVE-2017-13032 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string(). | |||||
| CVE-2017-9474 | 1 Ytnef Project | 1 Ytnef | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | |||||
| CVE-2017-9472 | 1 Ytnef Project | 1 Ytnef | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | |||||
| CVE-2017-13031 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print(). | |||||
| CVE-2017-12992 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print(). | |||||
| CVE-2017-9471 | 2 Canonical, Ytnef Project | 2 Ubuntu Linux, Ytnef | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | |||||
| CVE-2017-9465 | 1 Virustotal | 1 Yara | 2019-10-03 | 5.8 MEDIUM | 7.1 HIGH |
| The yr_arena_write_data function in YARA 3.6.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain sensitive information from process memory via a crafted file that is mishandled in the yr_re_fast_exec function in libyara/re.c and the _yr_scan_match_callback function in libyara/scan.c. | |||||
| CVE-2017-13030 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions. | |||||
| CVE-2017-13029 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options(). | |||||
| CVE-2017-9410 | 2019-10-03 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-9101. Reason: This candidate is a duplicate of CVE-2015-9101. Notes: All CVE users should reference CVE-2015-9101 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2017-13027 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print(). | |||||
| CVE-2017-12994 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print(). | |||||
| CVE-2017-13026 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions. | |||||
| CVE-2017-9265 | 1 Openvswitch | 1 Openvswitch | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in `lib/ofp-util.c` in the function `ofputil_pull_ofp15_group_mod`. | |||||
| CVE-2017-9264 | 1 Openvswitch | 1 Openvswitch | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) 2.6.1, there is a buffer over-read while parsing malformed TCP, UDP, and IPv6 packets in the functions `extract_l3_ipv6`, `extract_l4_tcp`, and `extract_l4_udp` that can be triggered remotely. | |||||
| CVE-2017-13025 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print(). | |||||
| CVE-2017-9260 | 1 Surina | 1 Soundtouch | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The TDStretchSSE::calcCrossCorr function in source/SoundTouch/sse_optimized.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted wav file. | |||||
| CVE-2017-9195 | 1 Autotrace Project | 1 Autotrace | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:620:27. | |||||
| CVE-2017-9194 | 1 Autotrace Project | 1 Autotrace | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:559:29. | |||||
| CVE-2017-13023 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print(). | |||||
| CVE-2017-9193 | 1 Autotrace Project | 1 Autotrace | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:538:33. | |||||
| CVE-2017-13022 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute(). | |||||
| CVE-2017-13021 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print(). | |||||
| CVE-2017-12993 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions. | |||||
| CVE-2017-9171 | 1 Autotrace Project | 1 Autotrace | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-bmp.c:492:24. | |||||
| CVE-2017-9166 | 1 Autotrace Project | 1 Autotrace | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:18:11. | |||||