Total
8120 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-13028 | 2 Debian, Tcpdump | 2 Debian Linux, Tcpdump | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print(). | |||||
CVE-2017-12598 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 8-opencv-invalid-read-fread test case. | |||||
CVE-2017-17805 | 5 Debian, Linux, Opensuse and 2 more | 7 Debian Linux, Linux Kernel, Leap and 4 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable. | |||||
CVE-2017-11173 | 2 Debian, Rack-cors Project | 2 Debian Linux, Rack-cors | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
Missing anchor in generated regex for rack-cors before 0.4.1 allows a malicious third-party site to perform CORS requests. If the configuration were intended to allow only the trusted example.com domain name and not the malicious example.net domain name, then example.com.example.net (as well as example.com-example.net) would be inadvertently allowed. | |||||
CVE-2017-14493 | 5 Canonical, Debian, Opensuse and 2 more | 7 Ubuntu Linux, Debian Linux, Leap and 4 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request. | |||||
CVE-2017-17785 | 3 Canonical, Debian, Gimp | 3 Ubuntu Linux, Debian Linux, Gimp | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c. | |||||
CVE-2017-12865 | 2 Debian, Intel | 2 Debian Linux, Connman | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the "name" variable. | |||||
CVE-2017-16840 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service (out-of-bounds read) because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2enc_dwt.c. | |||||
CVE-2017-13711 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Use-after-free vulnerability in the sofree function in slirp/socket.c in QEMU (aka Quick Emulator) allows attackers to cause a denial of service (QEMU instance crash) by leveraging failure to properly clear ifq_so from pending packets. | |||||
CVE-2017-1000410 | 3 Debian, Linux, Redhat | 9 Debian Linux, Linux Kernel, Enterprise Linux Desktop and 6 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. By manipulating the code flows that precede the handling of these configuration messages, an attacker can also gain some control over which data will be held in the uninitialized stack variables. This can allow him to bypass KASLR, and stack canaries protection - as both pointers and stack canaries may be leaked in this manner. Combining this vulnerability (for example) with the previously disclosed RCE vulnerability in L2CAP configuration parsing (CVE-2017-1000251) may allow an attacker to exploit the RCE against kernels which were built with the above mitigations. These are the specifics of this vulnerability: In the function l2cap_parse_conf_rsp and in the function l2cap_parse_conf_req the following variable is declared without initialization: struct l2cap_conf_efs efs; In addition, when parsing input configuration parameters in both of these functions, the switch case for handling EFS elements may skip the memcpy call that will write to the efs variable: ... case L2CAP_CONF_EFS: if (olen == sizeof(efs)) memcpy(&efs, (void *)val, olen); ... The olen in the above if is attacker controlled, and regardless of that if, in both of these functions the efs variable would eventually be added to the outgoing configuration request that is being built: l2cap_add_conf_opt(&ptr, L2CAP_CONF_EFS, sizeof(efs), (unsigned long) &efs); So by sending a configuration request, or response, that contains an L2CAP_CONF_EFS element, but with an element length that is not sizeof(efs) - the memcpy to the uninitialized efs variable can be avoided, and the uninitialized variable would be returned to the attacker (16 bytes). | |||||
CVE-2017-15575 | 2 Debian, Redmine | 2 Debian Linux, Redmine | 2024-02-04 | 7.5 HIGH | 7.3 HIGH |
In Redmine before 3.2.6 and 3.3.x before 3.3.3, Redmine.pm lacks a check for whether the Repository module is enabled in a project's settings, which might allow remote attackers to obtain sensitive differences information or possibly have unspecified other impact. | |||||
CVE-2017-16995 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension. | |||||
CVE-2017-9344 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value. | |||||
CVE-2018-5334 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by correcting the signature timestamp bounds checks. | |||||
CVE-2017-14062 | 2 Debian, Gnu | 2 Debian Linux, Libidn2 | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact. | |||||
CVE-2017-9406 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
In Poppler 0.54.0, a memory leak vulnerability was found in the function gmalloc in gmem.cc, which allows attackers to cause a denial of service via a crafted file. | |||||
CVE-2013-6049 | 2 Apt-listbugs Project, Debian | 2 Apt-listbugs, Debian Linux | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
apt-listbugs before 0.1.10 creates temporary files insecurely, which allows attackers to have unspecified impact via unknown vectors. | |||||
CVE-2017-1000421 | 2 Debian, Gifsicle Project | 2 Debian Linux, Gifsicle | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function resulting potential code execution | |||||
CVE-2016-8734 | 2 Apache, Debian | 2 Subversion, Debian Linux | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU resources or memory. | |||||
CVE-2015-1207 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted .m4a file. |