Total
12847 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-6436 | 1 Libplist Project | 1 Libplist | 2024-11-21 | N/A |
| The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file. | ||||
| CVE-2017-6435 | 1 Libplist Project | 1 Libplist | 2024-11-21 | N/A |
| The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file. | ||||
| CVE-2017-6429 | 1 Broadcom | 1 Tcpreplay | 2024-11-21 | 7.8 High |
| Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet. | ||||
| CVE-2017-6427 | 1 Evostream | 1 Media Server | 2024-11-21 | N/A |
| A Buffer Overflow was discovered in EvoStream Media Server 1.7.1. A crafted HTTP request with a malicious header will cause a crash. An example attack methodology may include a long message-body in a GET request. | ||||
| CVE-2017-6419 | 2 Clamav, Libmspack Project | 2 Clamav, Libmspack | 2024-11-21 | N/A |
| mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file. | ||||
| CVE-2017-6416 | 1 Flexense | 1 Sysgauge | 2024-11-21 | N/A |
| An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string. | ||||
| CVE-2017-6319 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file. | ||||
| CVE-2017-6300 | 2 Debian, Ytnef Project | 2 Debian Linux, Ytnef | 2024-11-21 | N/A |
| An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h." | ||||
| CVE-2017-6289 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In Android before the 2018-05-05 security patch level, NVIDIA Trusted Execution Environment (TEE) contains a memory corruption (due to unusual root cause) vulnerability, which if run within the speculative execution of the TEE, may lead to local escalation of privileges. This issue is rated as critical. Android: A-72830049. Reference: N-CVE-2017-6289. | ||||
| CVE-2017-6278 | 1 Nvidia | 6 Jetson Tk1, Jetson Tk1 Firmware, Jetson Tx1 and 3 more | 2024-11-21 | N/A |
| NVIDIA Tegra kernel contains a vulnerability in the CORE DVFS Thermal driver where there is the potential to read or write a buffer using an index or pointer that references a memory location after the end of the buffer, which may lead to a denial of service or possible escalation of privileges. | ||||
| CVE-2017-6274 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An elevation of Privilege vulnerability exists in the Thermal Driver, where a missing bounds checks in the thermal throttle driver can cause an out-of-bounds write in the kernel. This issue is rated as moderate. Product: Pixel. Version: N/A. Android ID: A-34705801. References: N-CVE-2017-6274. | ||||
| CVE-2017-6273 | 1 Nvidia | 2 Adsp Firmware, Tegra Jetson L4t | 2024-11-21 | N/A |
| NVIDIA ADSP Firmware contains a vulnerability in the ADSP Loader component where there is the potential to write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or possible escalation of privileges. | ||||
| CVE-2017-6260 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | N/A |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer helper function where an incorrect calculation of string length may lead to denial of service. | ||||
| CVE-2017-6211 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the processing of a downlink supplementary services message, a buffer overflow can occur. | ||||
| CVE-2017-6209 | 1 Virglrenderer Project | 1 Virglrenderer | 2024-11-21 | N/A |
| Stack-based buffer overflow in the parse_identifier function in tgsi_text.c in the TGSI auxiliary module in the Gallium driver in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to parsing properties. | ||||
| CVE-2017-6194 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file. | ||||
| CVE-2017-6193 | 1 Apng Disassembler Project | 1 Apng Disassembler | 2024-11-21 | N/A |
| Buffer overflow in APNGDis 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted image containing a malformed image size descriptor in the IHDR chunk. | ||||
| CVE-2017-6192 | 1 Apng Disassembler Project | 1 Apng Disassembler | 2024-11-21 | N/A |
| Buffer overflow in APNGDis 2.8 and earlier allows a remote attackers to cause denial of service and possibly execute arbitrary code via a crafted image containing a malformed chunk size descriptor. | ||||
| CVE-2017-6191 | 1 Apng Disassembler Project | 1 Apng Disassembler | 2024-11-21 | N/A |
| Buffer overflow in APNGDis 2.8 and below allows a remote attacker to execute arbitrary code via a crafted filename. | ||||
| CVE-2017-6187 | 1 Disksavvy | 1 Disksavvy Enterprise | 2024-11-21 | N/A |
| Buffer overflow in the built-in web server in DiskSavvy Enterprise 9.4.18 allows remote attackers to execute arbitrary code via a long URI in a GET request. | ||||