Total
12919 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-9949 | 1 Radare | 1 Radare2 | 2025-04-20 | N/A |
| The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (stack-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer underflow in fs/ext2.c in GNU GRUB 2.02. | ||||
| CVE-2017-9938 | 1 Siemens | 1 Simatic Logon | 2025-04-20 | N/A |
| A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition. The service restarts automatically. | ||||
| CVE-2017-14039 | 2 Debian, Uclouvain | 2 Debian Linux, Openjpeg | 2025-04-20 | 8.8 High |
| A heap-based buffer overflow was discovered in the opj_t2_encode_packet function in lib/openjp2/t2.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact. | ||||
| CVE-2017-14040 | 2 Debian, Uclouvain | 2 Debian Linux, Openjpeg | 2025-04-20 | 8.8 High |
| An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability may lead to remote denial of service or possibly unspecified other impact. | ||||
| CVE-2017-12111 | 1 Libxls Project | 1 Libxls | 2025-04-20 | N/A |
| An exploitable out-of-bounds vulnerability exists in the xls_addCell function of libxls 1.4. A specially crafted XLS file with a formula record can cause memory corruption resulting in remote code execution. An attacker can send a malicious XLS file to trigger this vulnerability. | ||||
| CVE-2017-14041 | 2 Debian, Uclouvain | 2 Debian Linux, Openjpeg | 2025-04-20 | 8.8 High |
| A stack-based buffer overflow was discovered in the pgxtoimage function in bin/jp2/convert.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution. | ||||
| CVE-2017-9806 | 1 Apache | 1 Openoffice | 2025-04-20 | 7.8 High |
| A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution. | ||||
| CVE-2017-9432 | 1 Libstaroffice Project | 1 Libstaroffice | 2025-04-20 | N/A |
| Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by a stack-based buffer overflow related to the DatabaseName::read function in lib/StarWriterStruct.cxx. | ||||
| CVE-2017-9203 | 1 Entropymine | 1 Imageworsener | 2025-04-20 | N/A |
| imagew-main.c:960:12 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (buffer underflow) via a crafted image, related to imagew-bmp.c. | ||||
| CVE-2017-9178 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | N/A |
| libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage function in input-bmp.c:421:11. | ||||
| CVE-2017-9176 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | N/A |
| libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage function in input-bmp.c:370:25. | ||||
| CVE-2017-9175 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | N/A |
| libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage function in input-bmp.c:353:25. | ||||
| CVE-2017-9158 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | N/A |
| libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_raw function in input-pnm.c:336:11. | ||||
| CVE-2017-14075 | 1 Jungo | 1 Windriver | 2025-04-20 | N/A |
| This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x953824a7 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in an out-of-bounds write condition. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel. | ||||
| CVE-2017-12166 | 2 Debian, Openvpn | 2 Debian Linux, Openvpn | 2025-04-20 | 9.8 Critical |
| OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. | ||||
| CVE-2017-1000111 | 3 Debian, Linux, Redhat | 11 Debian Linux, Linux Kernel, Enterprise Linux and 8 more | 2025-04-20 | 7.8 High |
| Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW. | ||||
| CVE-2017-9156 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | N/A |
| libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_ascii function in input-pnm.c:303:12. | ||||
| CVE-2017-9113 | 1 Openexr | 1 Openexr | 2025-04-20 | N/A |
| In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp could cause the application to crash or execute arbitrary code. | ||||
| CVE-2017-9111 | 1 Openexr | 1 Openexr | 2025-04-20 | N/A |
| In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h could cause the application to crash or execute arbitrary code. | ||||
| CVE-2017-8774 | 1 Quickheal | 3 Antivirus Pro, Internet Security, Total Security | 2025-04-20 | 9.8 Critical |
| Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file. | ||||