Export limit exceeded: 365265 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (365265 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-11338 1 Exiv2 1 Exiv2 2025-04-20 N/A
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.
CVE-2017-11339 1 Exiv2 1 Exiv2 2025-04-20 N/A
There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack.
CVE-2017-1134 1 Ibm 1 Power Hardware Management Console 2025-04-20 N/A
IBM Reliable Scalable Cluster Technology could allow a local user to escalate their privileges to gain root access. IBM Reference #: 1998459.
CVE-2017-11340 1 Exiv2 1 Exiv2 2025-04-20 N/A
There is a Segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call. A Crafted input will lead to a remote denial of service attack.
CVE-2017-11341 1 Libsass 1 Libsass 2025-04-20 N/A
There is a heap based buffer over-read in lexer.hpp of LibSass 3.4.5. A crafted input will lead to a remote denial of service attack.
CVE-2017-11342 1 Libsass 1 Libsass 2025-04-20 N/A
There is an illegal address access in ast.cpp of LibSass 3.4.5. A crafted input will lead to a remote denial of service attack.
CVE-2017-11343 1 Call-cc 1 Chicken 2025-04-20 N/A
Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in O(n) lookup time.
CVE-2017-11344 1 Asuswrt-merlin Project 56 Rt-ac1200, Rt-ac1200 Firmware, Rt-ac3100 and 53 more 2025-04-20 N/A
Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to write shellcode at any address in the heap; this can be used to execute arbitrary code on the router by hosting a crafted device description XML document at a URL specified within a Location header in an SSDP response.
CVE-2017-11345 1 Asuswrt-merlin Project 56 Rt-ac1200, Rt-ac1200 Firmware, Rt-ac3100 and 53 more 2025-04-20 N/A
Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by hosting a crafted device description XML document (that includes a serviceType element) at a URL specified within a Location header in an SSDP response.
CVE-2017-11346 1 Zohocorp 1 Manageengine Desktop Central 2025-04-20 N/A
Zoho ManageEngine Desktop Central before build 100092 allows remote attackers to execute arbitrary code via vectors involving the upload of help desk videos.
CVE-2017-11347 1 Metinfo 1 Metinfo 2025-04-20 N/A
Authenticated Code Execution Vulnerability in MetInfo 5.3.17 allows a remote authenticated attacker to generate a PHP script with the content of a malicious image, related to admin/include/common.inc.php and admin/app/physical/physical.php.
CVE-2017-11348 1 Octopus 2 Octopus Deploy, Octopus Server 2025-04-20 N/A
In Octopus Deploy 3.x before 3.15.4, an authenticated user with PackagePush permission to upload packages could upload a maliciously crafted NuGet package, potentially overwriting other packages or modifying system files. This is a directory traversal in the PackageId value.
CVE-2017-11350 1 Axesstel 2 Mu553s, Mu553s Firmware 2025-04-20 N/A
Cross-Site Request Forgery (CSRF) exists in cgi-bin/ConfigSet on Axesstel MU553S MU55XS-V1.14 devices.
CVE-2017-11351 1 Axesstel 2 Mu553s, Mu553s Firmware 2025-04-20 N/A
Axesstel MU553S MU55XS-V1.14 devices have a default password of admin for the admin account.
CVE-2017-11352 3 Canonical, Debian, Imagemagick 3 Ubuntu Linux, Debian Linux, Imagemagick 2025-04-20 6.5 Medium
In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144.
CVE-2017-11353 1 Yadm Project 1 Yadm 2025-04-20 N/A
yadm (yet another dotfile manager) 1.10.0 has a race condition (related to the behavior of git commands in setting permissions for new files and directories), which potentially allows access to SSH and PGP keys.
CVE-2017-11354 1 Fiyo 1 Fiyo Cms 2025-04-20 N/A
Fiyo CMS v2.0.7 has an SQL injection vulnerability in dapur/apps/app_article/sys_article.php via the name parameter in editing or adding a tag name.
CVE-2017-11355 1 Pega 1 Pega Platform 2025-04-20 N/A
Multiple cross-site scripting (XSS) vulnerabilities in PEGA Platform 7.2 ML0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to the main page; the (2) beanReference parameter to the JavaBean viewer page; or the (3) pyTableName to the System database schema modification page.
CVE-2017-11356 1 Pega 1 Pega Platform 2025-04-20 N/A
The application distribution export functionality in PEGA Platform 7.2 ML0 and earlier allows remote authenticated users with certain privileges to obtain sensitive configuration information by leveraging a missing access control.
CVE-2017-11358 2 Debian, Sound Exchange Project 2 Debian Linux, Sound Exchange 2025-04-20 N/A
The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file.