Export limit exceeded: 14525 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14525 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-10921 | 1 Xen | 1 Xen | 2025-04-20 | N/A |
| The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 2. | ||||
| CVE-2017-10924 | 1 Irfanview | 2 Fpx, Irfanview | 2025-04-20 | N/A |
| IrfanView 4.44 (32bit) with FPX Plugin 4.47 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000a529." | ||||
| CVE-2017-10925 | 1 Irfanview | 2 Fpx, Irfanview | 2025-04-20 | N/A |
| IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000b3ae." | ||||
| CVE-2017-10926 | 1 Irfanview | 2 Fpx, Irfanview | 2025-04-20 | N/A |
| IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to a "Read Access Violation starting at wow64!Wow64NotifyDebugger+0x000000000000001d." | ||||
| CVE-2017-10928 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c. | ||||
| CVE-2017-10929 | 1 Radare | 1 Radare2 | 2025-04-20 | N/A |
| The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a read overflow in the grub_disk_read_small_real function in kern/disk.c in GNU GRUB 2.02. | ||||
| CVE-2017-11465 | 1 Ruby-lang | 1 Ruby | 2025-04-20 | N/A |
| The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows attackers to cause a denial of service (invalid write or read) or possibly have unspecified other impact via a crafted Ruby script, related to the parser_tokadd_utf8 function in parse.y. NOTE: this might have security relevance as a bypass of a $SAFE protection mechanism. | ||||
| CVE-2017-11496 | 1 Gemalto | 1 Sentinel Ldk Rte | 2025-04-20 | N/A |
| Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via malformed ASN.1 streams in V2C and similar input files. | ||||
| CVE-2017-11497 | 1 Gemalto | 1 Sentinel Ldk Rte | 2025-04-20 | N/A |
| Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via language packs containing filenames longer than 1024 characters. | ||||
| CVE-2017-11498 | 1 Gemalto | 1 Sentinel Ldk Rte | 2025-04-20 | N/A |
| Buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to shut down the remote process (a denial of service) via a language pack (ZIP file) with invalid HTML files. | ||||
| CVE-2017-11517 | 1 Geutebrueck | 1 Gcore | 2025-04-20 | N/A |
| Stack-based buffer overflow in GCoreServer.exe in the server in Geutebrueck Gcore 1.3.8.42 and 1.4.2.37 allows remote attackers to execute arbitrary code via a long URI in a GET request. | ||||
| CVE-2017-11543 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-04-20 | N/A |
| tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c. | ||||
| CVE-2017-11548 | 1 Xiph | 1 Libao | 2025-04-20 | 5.5 Medium |
| The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service (memory corruption) via a crafted MP3 file. | ||||
| CVE-2017-11550 | 1 Libid3tag Project | 1 Libid3tag | 2025-04-20 | N/A |
| The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (NULL Pointer Dereference and application crash) via a crafted mp3 file. | ||||
| CVE-2017-11551 | 1 Libid3tag Project | 1 Libid3tag | 2025-04-20 | N/A |
| The id3_field_parse function in field.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (OOM) via a crafted MP3 file. | ||||
| CVE-2017-11552 | 1 Underbit | 1 Mad Libmad | 2025-04-20 | N/A |
| mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a denial of service (memory corruption seen in a crash in the mad_decoder_run function in decoder.c in libmad) via a crafted MP3 file. | ||||
| CVE-2017-8608 | 1 Microsoft | 8 Edge, Internet Explorer, Windows 10 and 5 more | 2025-04-20 | N/A |
| Microsoft browsers in Microsoft Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8598, CVE-2017-8596, CVE-2017-8610, CVE-2017-8601, CVE-2017-8618, CVE-2017-8619, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8595, CVE-2017-8606, CVE-2017-8607, and CVE-2017-8609 | ||||
| CVE-2017-11571 | 1 Fontforge | 1 Fontforge | 2025-04-20 | N/A |
| FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) resulting in DoS or code execution via a crafted otf file. | ||||
| CVE-2017-11574 | 1 Fontforge | 1 Fontforge | 2025-04-20 | N/A |
| FontForge 20161012 is vulnerable to a heap-based buffer overflow in readcffset (parsettf.c) resulting in DoS or code execution via a crafted otf file. | ||||
| CVE-2017-11576 | 1 Fontforge | 1 Fontforge | 2025-04-20 | N/A |
| FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict (parsettf.c) resulting in DoS via a crafted otf file. | ||||