Total
12847 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-5707 | 1 Intel | 1 Trusted Execution Engine Firmware | 2024-11-21 | N/A |
| Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code. | ||||
| CVE-2017-5706 | 1 Intel | 1 Server Platform Services Firmware | 2024-11-21 | N/A |
| Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code. | ||||
| CVE-2017-5705 | 1 Intel | 1 Manageability Engine Firmware | 2024-11-21 | N/A |
| Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code. | ||||
| CVE-2017-5581 | 2 Redhat, Tigervnc | 2 Enterprise Linux, Tigervnc | 2024-11-21 | N/A |
| Buffer overflow in the ModifiablePixelBuffer::fillRect function in TigerVNC before 1.7.1 allows remote servers to execute arbitrary code via an RRE message with subrectangle outside framebuffer boundaries. | ||||
| CVE-2017-5580 | 1 Virglrenderer Project | 1 Virglrenderer | 2024-11-21 | N/A |
| The parse_instruction function in gallium/auxiliary/tgsi/tgsi_text.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and process crash) via a crafted texture instruction. | ||||
| CVE-2017-5548 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
| drivers/net/ieee802154/atusb.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. | ||||
| CVE-2017-5547 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.8 High |
| drivers/hid/hid-corsair.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. | ||||
| CVE-2017-5522 | 2 Debian, Osgeo | 2 Debian Linux, Mapserver | 2024-11-21 | N/A |
| Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7.0.x before 7.0.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving WFS get feature requests. | ||||
| CVE-2017-5511 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2024-11-21 | 9.8 Critical |
| coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow. | ||||
| CVE-2017-5508 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | N/A |
| Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file. | ||||
| CVE-2017-5505 | 1 Jasper Project | 1 Jasper | 2024-11-21 | N/A |
| The jas_matrix_asl function in jas_seq.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image. | ||||
| CVE-2017-5495 | 2 Quagga, Redhat | 2 Quagga, Enterprise Linux | 2024-11-21 | N/A |
| All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an unbounded memory allocation in the telnet 'vty' CLI, leading to a Denial-of-Service of Quagga daemons, or even the entire host. When Quagga daemons are configured with their telnet CLI enabled, anyone who can connect to the TCP ports can trigger this vulnerability, prior to authentication. Most distributions restrict the Quagga telnet interface to local access only by default. The Quagga telnet interface 'vty' input buffer grows automatically, without bound, so long as a newline is not entered. This allows an attacker to cause the Quagga daemon to allocate unbounded memory by sending very long strings without a newline. Eventually the daemon is terminated by the system, or the system itself runs out of memory. This is fixed in Quagga 1.1.1 and Free Range Routing (FRR) Protocol Suite 2017-01-10. | ||||
| CVE-2017-5486 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2024-11-21 | N/A |
| The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). | ||||
| CVE-2017-5485 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2024-11-21 | N/A |
| The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap(). | ||||
| CVE-2017-5484 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2024-11-21 | N/A |
| The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print(). | ||||
| CVE-2017-5483 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2024-11-21 | N/A |
| The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse(). | ||||
| CVE-2017-5482 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2024-11-21 | N/A |
| The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575. | ||||
| CVE-2017-5471 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A |
| Memory safety bugs were reported in Firefox 53. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 54. | ||||
| CVE-2017-5470 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2024-11-21 | N/A |
| Memory safety bugs were reported in Firefox 53 and Firefox ESR 52.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. | ||||
| CVE-2017-5469 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2024-11-21 | N/A |
| Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. | ||||