Export limit exceeded: 45939 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45939 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-8374 | 1 Underbit | 1 Mad Libmad | 2025-04-20 | N/A |
| The mad_bit_skip function in bit.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file. | ||||
| CVE-2017-8378 | 1 Podofo Project | 1 Podofo | 2025-04-20 | N/A |
| Heap-based buffer overflow in the PdfParser::ReadObjects function in base/PdfParser.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors related to m_offsets.size. | ||||
| CVE-2017-8826 | 1 Faststone | 1 Image Viewer | 2025-04-20 | N/A |
| FastStone Image Viewer 6.2 has a "User Mode Write AV" issue, possibly related to the jpeg_mem_term function in jmemnobs.c in libjpeg. This issue can be triggered by a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact. | ||||
| CVE-2017-8831 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2025-04-20 | 6.4 Medium |
| The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a "double fetch" vulnerability. | ||||
| CVE-2017-8834 | 2 Gnome, Opensuse | 2 Libcroco, Leap | 2025-04-20 | 6.5 Medium |
| The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (memory allocation error) via a crafted CSS file. | ||||
| CVE-2017-8844 | 2 Debian, Long Range Zip Project | 2 Debian Linux, Long Range Zip | 2025-04-20 | 7.8 High |
| The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive. | ||||
| CVE-2017-8845 | 1 Long Range Zip Project | 1 Long Range Zip | 2025-04-20 | 5.5 Medium |
| The lzo1x_decompress function in lzo1x_d.ch in LZO 2.08, as used in lrzip 0.631, allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted archive. | ||||
| CVE-2017-8852 | 1 Sap | 1 Sapcar | 2025-04-20 | N/A |
| SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is SAP Security Note 2441560. | ||||
| CVE-2017-8854 | 1 Wolfssl | 1 Wolfssl | 2025-04-20 | N/A |
| wolfSSL before 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file. | ||||
| CVE-2017-8869 | 1 Mediacoder | 1 Mediacoder | 2025-04-20 | N/A |
| Buffer overflow in MediaCoder 0.8.48.5888 allows remote attackers to execute arbitrary code via a crafted .m3u file. | ||||
| CVE-2017-8870 | 1 Mediacoderhq | 1 Audiocoder | 2025-04-20 | N/A |
| Buffer overflow in AudioCoder 0.8.46 allows remote attackers to execute arbitrary code via a crafted .m3u file. | ||||
| CVE-2017-8891 | 1 Dropbox | 1 Lepton | 2025-04-20 | N/A |
| Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does not ensure setup of a correct number of threads. | ||||
| CVE-2017-8893 | 1 Aeroadmin | 1 Aeroadmin | 2025-04-20 | N/A |
| AeroAdmin 4.1 uses a function to copy data between two pointers where the size of the data copied is taken directly from a network packet. This can cause a buffer overflow and denial of service. | ||||
| CVE-2017-8906 | 1 Multicorewareinc | 1 X265 High Efficiency Video Coding | 2025-04-20 | 5.5 Medium |
| An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.4, as used by the x265_encoder_encode dependency in libbpg and other products. A small picture can cause an integer underflow, which leads to a Denial of Service in the process of encoding. | ||||
| CVE-2017-8908 | 1 Artifex | 1 Ghostscript | 2025-04-20 | N/A |
| The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PostScript document. | ||||
| CVE-2017-8911 | 1 Tnef Project | 1 Tnef | 2025-04-20 | N/A |
| An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker. | ||||
| CVE-2017-8924 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-04-20 | N/A |
| The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow. | ||||
| CVE-2017-8926 | 1 Halliburton | 1 Logview Pro | 2025-04-20 | N/A |
| Buffer overflow in Halliburton LogView Pro 10.0.1 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file. | ||||
| CVE-2017-8927 | 1 Cgmlarson | 1 Vizex Reader | 2025-04-20 | 7.8 High |
| Buffer overflow in Larson VizEx Reader 9.7.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file. | ||||
| CVE-2017-2523 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Foundation" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted data. | ||||