Total
12847 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-9535 | 1 Irfanview | 2 Fpx, Irfanview | 2024-11-21 | N/A |
| IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!GetPlugInInfo+0x0000000000016e53." | ||||
| CVE-2017-9534 | 1 Irfanview | 2 Fpx, Irfanview | 2024-11-21 | N/A |
| IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!GetPlugInInfo+0x0000000000017426." | ||||
| CVE-2017-9533 | 1 Irfanview | 2 Fpx, Irfanview | 2024-11-21 | N/A |
| IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!DE_Decode+0x0000000000000a9b." | ||||
| CVE-2017-9532 | 1 Irfanview | 2 Fpx, Irfanview | 2024-11-21 | N/A |
| IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX+0x0000000000001555." | ||||
| CVE-2017-9531 | 1 Irfanview | 2 Fpx, Irfanview | 2024-11-21 | N/A |
| IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX+0x000000000000176c." | ||||
| CVE-2017-9530 | 1 Irfanview | 2 Irfanview, Tools | 2024-11-21 | N/A |
| IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ntdll_77df0000!LdrpResCompareResourceNames+0x0000000000000150." | ||||
| CVE-2017-9529 | 1 Xnview | 1 Xnview | 2024-11-21 | N/A |
| XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "User Mode Write AV starting at Xfpx+0x0000000000004efd." | ||||
| CVE-2017-9528 | 1 Irfanview | 2 Fpx, Irfanview | 2024-11-21 | N/A |
| IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000000f53." | ||||
| CVE-2017-9502 | 1 Haxx | 1 Curl | 2024-11-21 | N/A |
| In curl before 7.54.1 on Windows and DOS, libcurl's default protocol function, which is the logic that allows an application to set which protocol libcurl should attempt to use when given a URL without a scheme part, had a flaw that could lead to it overwriting a heap based memory buffer with seven bytes. If the default protocol is specified to be FILE or a file: URL lacks two slashes, the given "URL" starts with a drive letter, and libcurl is built for Windows or DOS, then libcurl would copy the path 7 bytes off, so that the end of the given path would write beyond the malloc buffer (7 bytes being the length in bytes of the ascii string "file://"). | ||||
| CVE-2017-9469 | 2 Debian, Irssi | 2 Debian Linux, Irssi | 2024-11-21 | N/A |
| In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory. Thus, remote attackers might be able to cause a crash. | ||||
| CVE-2017-9433 | 1 Libmwaw Project | 1 Libmwaw | 2024-11-21 | N/A |
| Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1Parser.cxx. | ||||
| CVE-2017-9430 | 1 Dnstracer Project | 1 Dnstracer | 2024-11-21 | N/A |
| Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv[0]. An example threat model is a web application that launches dnstracer with an untrusted name string. | ||||
| CVE-2017-9412 | 1 Lame Project | 1 Lame | 2024-11-21 | N/A |
| The unpack_read_samples function in frontend/get_audio.c in LAME 3.99.5 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted wav file. | ||||
| CVE-2017-9392 | 1 Getvera | 4 Veraedge, Veraedge Firmware, Veralite and 1 more | 2024-11-21 | N/A |
| An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the url "/port_3480". It seems that the UPnP services provide "request_image" as one of the service actions for a normal user to retrieve an image from a camera that is controlled by the controller. It seems that the "res" (resolution) parameter passed in the query string is not sanitized and is stored on the stack which allows an attacker to overflow the buffer. The function "LU::Generic_IP_Camera_Manager::REQ_Image" is activated when the lu_request_image is passed as the "id" parameter in the query string. This function then calls "LU::Generic_IP_Camera_Manager::GetUrlFromArguments". This function retrieves all the parameters passed in the query string including "res" and then uses the value passed in it to fill up buffer using the sprintf function. However, the function in this case lacks a simple length check and as a result an attacker who is able to send more than 184 characters can easily overflow the values stored on the stack including the $RA value and thus execute code on the device. | ||||
| CVE-2017-9391 | 1 Getvera | 4 Veraedge, Veraedge Firmware, Veralite and 1 more | 2024-11-21 | N/A |
| An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the url "/port_3480". It seems that the UPnP services provide "request_image" as one of the service actions for a normal user to retrieve an image from a camera that is controlled by the controller. It seems that the "URL" parameter passed in the query string is not sanitized and is stored on the stack which allows an attacker to overflow the buffer. The function "LU::Generic_IP_Camera_Manager::REQ_Image" is activated when the lu_request_image is passed as the "id" parameter in query string. This function then calls "LU::Generic_IP_Camera_Manager::GetUrlFromArguments" and passes a "pointer" to the function where it will be allowed to store the value from the URL parameter. This pointer is passed as the second parameter $a2 to the function "LU::Generic_IP_Camera_Manager::GetUrlFromArguments". However, neither the callee or the caller in this case performs a simple length check and as a result an attacker who is able to send more than 1336 characters can easily overflow the values stored on the stack including the $RA value and thus execute code on the device. | ||||
| CVE-2017-9372 | 1 Digium | 2 Certified Asterisk, Open Source | 2024-11-21 | N/A |
| PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service (buffer overflow and application crash) via a SIP packet with a crafted CSeq header in conjunction with a Via header that lacks a branch parameter. | ||||
| CVE-2017-9351 | 1 Wireshark | 1 Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully. | ||||
| CVE-2017-9348 | 1 Wireshark | 1 Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-dof.c by validating a size value. | ||||
| CVE-2017-9300 | 1 Videolan | 1 Vlc Media Player | 2024-11-21 | N/A |
| plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted FLAC file. | ||||
| CVE-2017-9220 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | N/A |
| The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error) via a crafted mp4 file. | ||||