Total
4813 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-7610 | 3 Canonical, Debian, Elfutils Project | 3 Ubuntu Linux, Debian Linux, Elfutils | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | |||||
| CVE-2017-7612 | 3 Canonical, Debian, Elfutils Project | 3 Ubuntu Linux, Debian Linux, Elfutils | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | |||||
| CVE-2017-12895 | 1 Tcpdump | 1 Tcpdump | 2019-10-02 | 7.5 HIGH | 9.8 CRITICAL |
| The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print(). | |||||
| CVE-2018-9135 | 1 Imagemagick | 1 Imagemagick | 2019-10-02 | 6.8 MEDIUM | 8.8 HIGH |
| In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c. | |||||
| CVE-2017-7608 | 3 Canonical, Debian, Elfutils Project | 3 Ubuntu Linux, Debian Linux, Elfutils | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | |||||
| CVE-2018-8810 | 1 Radare | 1 Radare2 | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| In radare2 2.4.0, there is a heap-based buffer over-read in the get_ivar_list_t function of mach0_classes.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted Mach-O file. | |||||
| CVE-2017-7607 | 1 Elfutils Project | 1 Elfutils | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | |||||
| CVE-2018-8809 | 1 Radare | 1 Radare2 | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik_op function of anal_dalvik.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file. | |||||
| CVE-2018-8808 | 1 Radare | 1 Radare2 | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_disassemble function of asm.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file. | |||||
| CVE-2017-12893 | 1 Tcpdump | 1 Tcpdump | 2019-10-02 | 7.5 HIGH | 9.8 CRITICAL |
| The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len(). | |||||
| CVE-2017-7520 | 1 Openvpn | 1 Openvpn | 2019-10-02 | 4.0 MEDIUM | 7.4 HIGH |
| OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or possibly sensitive memory leak triggered by man-in-the-middle attacker. | |||||
| CVE-2017-7454 | 1 Entropymine | 1 Imageworsener | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. | |||||
| CVE-2017-7379 | 1 Podofo Project | 1 Podofo | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in PdfEncoding.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PDF document. | |||||
| CVE-2017-13007 | 1 Tcpdump | 1 Tcpdump | 2019-10-02 | 7.5 HIGH | 9.8 CRITICAL |
| The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print(). | |||||
| CVE-2018-8769 | 1 Elfutils Project | 1 Elfutils | 2019-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported. | |||||
| CVE-2017-7378 | 1 Podofo Project | 1 Podofo | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| The PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PDF document. | |||||
| CVE-2017-7365 | 1 Google | 1 Android | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, a buffer overread can occur if a particular string is not NULL terminated. | |||||
| CVE-2018-8107 | 1 Xpdfreader | 1 Xpdf | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | |||||
| CVE-2018-8106 | 1 Xpdfreader | 1 Xpdf | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | |||||
| CVE-2018-8105 | 1 Xpdfreader | 1 Xpdf | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | |||||