Search

Search Results (363281 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-17480 3 Canonical, Debian, Uclouvain 3 Ubuntu Linux, Debian Linux, Openjpeg 2025-04-20 9.8 Critical
In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.
CVE-2017-17484 1 Icu-project 1 International Components For Unicode 2025-04-20 N/A
The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International Components for Unicode (ICU) for C/C++ through 60.1 mishandles ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted string, as demonstrated by ZNC.
CVE-2017-17572 1 Amazon Clone Project 1 Amazon Clone 2025-04-20 9.8 Critical
FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari.
CVE-2017-17497 1 Htacg 1 Tidy 2025-04-20 7.5 High
In Tidy 5.7.0, the prvTidyTidyMetaCharset function in clean.c allows attackers to cause a denial of service (Segmentation Fault), because the currentNode variable in the "children of the head" processing feature is modified in the loop without validating the new value.
CVE-2017-17498 1 Graphicsmagick 1 Graphicsmagick 2025-04-20 N/A
WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
CVE-2017-17499 3 Canonical, Debian, Imagemagick 3 Ubuntu Linux, Debian Linux, Imagemagick 2025-04-20 9.8 Critical
ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.
CVE-2017-17500 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2025-04-20 N/A
ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file.
CVE-2017-17501 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2025-04-20 N/A
WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file.
CVE-2017-17502 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2025-04-20 N/A
ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file.
CVE-2017-17503 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2025-04-20 N/A
ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.
CVE-2017-17504 3 Canonical, Debian, Imagemagick 3 Ubuntu Linux, Debian Linux, Imagemagick 2025-04-20 6.5 Medium
ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.
CVE-2017-17505 1 Hdfgroup 1 Hdf5 2025-04-20 N/A
In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
CVE-2017-17506 1 Hdfgroup 1 Hdf5 2025-04-20 6.5 Medium
In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Opline_pline_decode in H5Opline.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
CVE-2017-17507 1 Hdfgroup 1 Hdf5 2025-04-20 N/A
In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5T_conv_struct_opt in H5Tconv.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
CVE-2017-17508 1 Hdfgroup 1 Hdf5 2025-04-20 N/A
In HDF5 1.10.1, there is a divide-by-zero vulnerability in the function H5T_set_loc in the H5T.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
CVE-2017-17509 1 Hdfgroup 1 Hdf5 2025-04-20 N/A
In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact someone opens a crafted hdf5 file.
CVE-2017-1751 1 Ibm 1 Robotic Process Automation With Automation Anywhere 2025-04-20 N/A
IBM Robotic Process Automation with Automation Anywhere 10.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 135546.
CVE-2017-17511 2 Debian, Kildclient 2 Debian Linux, Kildclient 2025-04-20 N/A
KildClient 3.1.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to prefs.c and worldgui.c.
CVE-2017-17512 1 Sensible-utils Project 1 Sensible-utils 2025-04-20 N/A
sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument.
CVE-2017-17513 1 Tug 1 Tex Live 2025-04-20 N/A
TeX Live through 20170524 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to linked_scripts/context/stubs/unix/mtxrun, texmf-dist/scripts/context/stubs/mswin/mtxrun.lua, and texmf-dist/tex/luatex/lualibs/lualibs-os.lua.