Export limit exceeded: 10052 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (10052 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-15275 4 Canonical, Debian, Redhat and 1 more 8 Ubuntu Linux, Debian Linux, Enterprise Linux and 5 more 2025-04-20 7.5 High
Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.
CVE-2017-15370 2 Debian, Sound Exchange Project 2 Debian Linux, Sound Exchange 2025-04-20 N/A
There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.
CVE-2017-15371 2 Debian, Sound Exchange Project 2 Debian Linux, Sound Exchange 2025-04-20 N/A
There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.
CVE-2017-15372 2 Debian, Sound Exchange Project 2 Debian Linux, Sound Exchange 2025-04-20 N/A
There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.
CVE-2017-15565 2 Debian, Freedesktop 2 Debian Linux, Poppler 2025-04-20 N/A
In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document.
CVE-2017-15568 2 Debian, Redmine 2 Debian Linux, Redmine 2025-04-20 N/A
In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/helpers/application_helper.rb via a multi-value field with a crafted value that is mishandled during rendering of issue history.
CVE-2017-15569 2 Debian, Redmine 2 Debian Linux, Redmine 2025-04-20 N/A
In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/helpers/queries_helper.rb via a multi-value field with a crafted value that is mishandled during rendering of an issue list.
CVE-2017-15570 2 Debian, Redmine 2 Debian Linux, Redmine 2025-04-20 N/A
In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/timelog/_list.html.erb via crafted column data.
CVE-2017-15571 2 Debian, Redmine 2 Debian Linux, Redmine 2025-04-20 N/A
In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/issues/_list.html.erb via crafted column data.
CVE-2017-15572 2 Debian, Redmine 2 Debian Linux, Redmine 2025-04-20 N/A
In Redmine before 3.2.6 and 3.3.x before 3.3.3, remote attackers can obtain sensitive information (password reset tokens) by reading a Referer log, because account/lost_password does not use a redirect.
CVE-2017-15573 2 Debian, Redmine 2 Debian Linux, Redmine 2025-04-20 N/A
In Redmine before 3.2.6 and 3.3.x before 3.3.3, XSS exists because markup is mishandled in wiki content.
CVE-2017-15574 2 Debian, Redmine 2 Debian Linux, Redmine 2025-04-20 N/A
In Redmine before 3.2.6 and 3.3.x before 3.3.3, stored XSS is possible by using an SVG document as an attachment.
CVE-2017-15575 2 Debian, Redmine 2 Debian Linux, Redmine 2025-04-20 N/A
In Redmine before 3.2.6 and 3.3.x before 3.3.3, Redmine.pm lacks a check for whether the Repository module is enabled in a project's settings, which might allow remote attackers to obtain sensitive differences information or possibly have unspecified other impact.
CVE-2017-15576 2 Debian, Redmine 2 Debian Linux, Redmine 2025-04-20 N/A
Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles Time Entry rendering in activity views, which allows remote attackers to obtain sensitive information.
CVE-2017-15577 2 Debian, Redmine 2 Debian Linux, Redmine 2025-04-20 N/A
Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles the rendering of wiki links, which allows remote attackers to obtain sensitive information.
CVE-2017-15642 2 Debian, Sound Exchange Project 2 Debian Linux, Sound Exchange 2025-04-20 N/A
In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is a Use-After-Free vulnerability triggered by supplying a malformed AIFF file.
CVE-2017-15672 2 Debian, Ffmpeg 2 Debian Linux, Ffmpeg 2025-04-20 N/A
The read_header function in libavcodec/ffv1dec.c in FFmpeg 2.4 and 3.3.4 and possibly earlier allows remote attackers to have unspecified impact via a crafted MP4 file, which triggers an out-of-bounds read.
CVE-2017-15721 2 Debian, Irssi 2 Debian Linux, Irssi 2025-04-20 N/A
In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. This is a separate, but similar, issue relative to CVE-2017-9468.
CVE-2017-15722 2 Debian, Irssi 2 Debian Linux, Irssi 2025-04-20 N/A
In certain cases, Irssi before 1.0.5 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string.
CVE-2017-15723 2 Debian, Irssi 2 Debian Linux, Irssi 2025-04-20 N/A
In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message.