Export limit exceeded: 21106 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10052 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10052 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-5203 | 3 Debian, Redhat, Tcpdump | 9 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2025-04-20 | N/A |
| The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). | ||||
| CVE-2017-5204 | 3 Debian, Redhat, Tcpdump | 9 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2025-04-20 | N/A |
| The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print(). | ||||
| CVE-2017-5205 | 3 Debian, Redhat, Tcpdump | 9 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2025-04-20 | N/A |
| The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print(). | ||||
| CVE-2017-5208 | 3 Debian, Icoutils Project, Redhat | 9 Debian Linux, Icoutils, Enterprise Linux and 6 more | 2025-04-20 | N/A |
| Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of execution of arbitrary code. | ||||
| CVE-2017-5356 | 2 Debian, Irssi | 2 Debian Linux, Irssi | 2025-04-20 | N/A |
| Irssi before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a string containing a formatting sequence (%[) without a closing bracket (]). | ||||
| CVE-2017-9994 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2025-04-20 | N/A |
| libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pix_fmt is set, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the vp8_decode_mb_row_no_filter and pred8x8_128_dc_8_c functions. | ||||
| CVE-2017-5506 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2025-04-20 | 7.8 High |
| Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file. | ||||
| CVE-2017-5507 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2025-04-20 | 7.5 High |
| Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache. | ||||
| CVE-2017-5510 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2025-04-20 | 7.8 High |
| coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. | ||||
| CVE-2017-5511 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2025-04-20 | 9.8 Critical |
| coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow. | ||||
| CVE-2017-5522 | 2 Debian, Osgeo | 2 Debian Linux, Mapserver | 2025-04-20 | N/A |
| Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7.0.x before 7.0.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving WFS get feature requests. | ||||
| CVE-2017-5525 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-20 | 6.5 Medium |
| Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations. | ||||
| CVE-2017-5526 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-20 | 6.5 Medium |
| Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations. | ||||
| CVE-2017-5579 | 3 Debian, Qemu, Redhat | 4 Debian Linux, Qemu, Enterprise Linux and 1 more | 2025-04-20 | 6.5 Medium |
| Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations. | ||||
| CVE-2017-5610 | 2 Debian, Wordpress | 2 Debian Linux, Wordpress | 2025-04-20 | N/A |
| wp-admin/includes/class-wp-press-this.php in Press This in WordPress before 4.7.2 does not properly restrict visibility of a taxonomy-assignment user interface, which allows remote attackers to bypass intended access restrictions by reading terms. | ||||
| CVE-2017-5611 | 3 Debian, Oracle, Wordpress | 3 Debian Linux, Data Integrator, Wordpress | 2025-04-20 | 9.8 Critical |
| SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name. | ||||
| CVE-2017-5612 | 2 Debian, Wordpress | 2 Debian Linux, Wordpress | 2025-04-20 | N/A |
| Cross-site scripting (XSS) vulnerability in wp-admin/includes/class-wp-posts-list-table.php in the posts list table in WordPress before 4.7.2 allows remote attackers to inject arbitrary web script or HTML via a crafted excerpt. | ||||
| CVE-2017-5617 | 2 Debian, Kitfox | 2 Debian Linux, Svg Salamander | 2025-04-20 | 7.4 High |
| The SVG Salamander (aka svgSalamander) library, when used in a web application, allows remote attackers to conduct server-side request forgery (SSRF) attacks via an xlink:href attribute in an SVG file. | ||||
| CVE-2017-5637 | 3 Apache, Debian, Redhat | 5 Zookeeper, Debian Linux, Jboss Bpms and 2 more | 2025-04-20 | N/A |
| Two four letter word commands "wchp/wchc" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client requests. Apache ZooKeeper thru version 3.4.9 and 3.5.2 suffer from this issue, fixed in 3.4.10, 3.5.3, and later. | ||||
| CVE-2017-5667 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-20 | 6.5 Medium |
| The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length. | ||||