Search

Search Results (363284 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-7849 1 Tenable 1 Nessus 2025-04-20 N/A
Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local denial of service condition due to insecure permissions when running in Agent Mode.
CVE-2017-7850 1 Tenable 1 Nessus 2025-04-20 N/A
Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode.
CVE-2017-7851 2 D-link, Dlink 2 Dcs-936l, Dcs-936l 2025-04-20 N/A
D-Link DCS-936L devices with firmware before 1.05.07 have an inadequate CSRF protection mechanism that requires the device's IP address to be a substring of the HTTP Referer header.
CVE-2017-7852 1 Dlink 52 Dcs-2132l, Dcs-2132l Firmware, Dcs-2136l and 49 more 2025-04-20 8.8 High
D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. This is because of the 'allow-access-from domain' child element set to *, thus accepting requests from any domain. If a victim logged into the camera's web console visits a malicious site hosting a malicious Flash file from another Browser tab, the malicious Flash file then can send requests to the victim's DCS series Camera without knowing the credentials. An attacker can host a malicious Flash file that can retrieve Live Feeds or information from the victim's DCS series Camera, add new admin users, or make other changes to the device. Known affected devices are DCS-933L with firmware before 1.13.05, DCS-5030L, DCS-5020L, DCS-2530L, DCS-2630L, DCS-930L, DCS-932L, and DCS-932LB1.
CVE-2017-7853 1 Gnu 1 Osip 2025-04-20 N/A
In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS.
CVE-2017-7854 1 Radare 1 Radare2 2025-04-20 N/A
The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file.
CVE-2017-7856 1 Libreoffice 1 Libreoffice 2025-04-20 N/A
LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx.
CVE-2017-7857 1 Freetype 1 Freetype 2025-04-20 9.8 Critical
FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
CVE-2017-7858 1 Freetype 1 Freetype 2025-04-20 9.8 Critical
FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
CVE-2017-7859 1 Ffmpeg 1 Ffmpeg 2025-04-20 N/A
FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c.
CVE-2017-7860 1 Grpc 1 Grpc 2025-04-20 N/A
Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parse_unix function in core/ext/client_channel/parse_address.c.
CVE-2017-7861 1 Grpc 1 Grpc 2025-04-20 N/A
Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c.
CVE-2017-7862 1 Ffmpeg 1 Ffmpeg 2025-04-20 N/A
FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcodec/pictordec.c.
CVE-2017-7863 2 Debian, Ffmpeg 2 Debian Linux, Ffmpeg 2025-04-20 N/A
FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in libavcodec/pngdec.c.
CVE-2017-7864 1 Freetype 1 Freetype 2025-04-20 N/A
FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.
CVE-2017-7865 2 Debian, Ffmpeg 2 Debian Linux, Ffmpeg 2025-04-20 N/A
FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c.
CVE-2017-7866 1 Ffmpeg 1 Ffmpeg 2025-04-20 N/A
FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c.
CVE-2017-7867 2 Debian, Icu-project 2 Debian Linux, International Components For Unicode 2025-04-20 N/A
International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.
CVE-2017-7868 2 Debian, Icu-project 2 Debian Linux, International Components For Unicode 2025-04-20 N/A
International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.
CVE-2017-7869 2 Gnu, Redhat 2 Gnutls, Enterprise Linux 2025-04-20 N/A
GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10.