Total
2516 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-6037 | 1 We-con | 1 Levi Studio Hmi Editor | 2025-04-20 | N/A |
A Heap-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. This vulnerability causes a buffer overflow when a maliciously crafted project file is run by the system. | ||||
CVE-2017-7611 | 3 Canonical, Debian, Elfutils Project | 3 Ubuntu Linux, Debian Linux, Elfutils | 2025-04-20 | N/A |
The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | ||||
CVE-2017-14682 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928. | ||||
CVE-2017-14529 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PE file, related to the bfd_getl16 function. | ||||
CVE-2017-14348 | 1 Libraw | 1 Libraw | 2025-04-20 | N/A |
LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file. | ||||
CVE-2017-12562 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2025-04-20 | 9.8 Critical |
Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
CVE-2017-13758 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the TracePoint() function in MagickCore/draw.c. | ||||
CVE-2017-13739 | 1 Liblouis | 1 Liblouis | 2025-04-20 | N/A |
There is a heap-based buffer overflow that causes a more than two thousand bytes out-of-bounds write in Liblouis 3.2.0, triggered in the function resolveSubtable() in compileTranslationTable.c. It will lead to denial of service or remote code execution. | ||||
CVE-2017-9433 | 1 Libmwaw Project | 1 Libmwaw | 2025-04-20 | N/A |
Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1Parser.cxx. | ||||
CVE-2017-12983 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | ||||
CVE-2017-7477 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt | 2025-04-20 | 7.0 High |
Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in conjunction with the NETIF_F_FRAGLIST feature, leading to an error in the skb_to_sgvec function. | ||||
CVE-2017-12876 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.5 Medium |
Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file. | ||||
CVE-2017-12862 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2025-04-20 | 8.8 High |
In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffer _src is small than expected, which will cause copy buffer overflow later. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. | ||||
CVE-2017-16844 | 2 Procmail, Redhat | 2 Procmail, Enterprise Linux | 2025-04-20 | N/A |
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than CVE-2014-3618. | ||||
CVE-2017-7300 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read (off-by-one) because of an incomplete check for invalid string offsets while loading symbols, leading to a GNU linker (ld) program crash. | ||||
CVE-2017-7184 | 3 Canonical, Linux, Redhat | 8 Ubuntu Linux, Linux Kernel, Enterprise Linux and 5 more | 2025-04-20 | 7.8 High |
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52. | ||||
CVE-2017-5545 | 1 Libimobiledevice | 1 Libplist | 2025-04-20 | N/A |
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short. | ||||
CVE-2017-11698 | 1 Mozilla | 1 Network Security Services | 2025-04-20 | N/A |
Heap-based buffer overflow in the __get_page function in lib/dbm/src/h_page.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file. | ||||
CVE-2017-9265 | 2 Openvswitch, Redhat | 3 Openvswitch, Enterprise Linux, Openstack | 2025-04-20 | N/A |
In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in `lib/ofp-util.c` in the function `ofputil_pull_ofp15_group_mod`. | ||||
CVE-2017-11696 | 1 Mozilla | 1 Network Security Services | 2025-04-20 | N/A |
Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file. |