Total
4813 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-17218 | 1 Huawei | 12 Dp300, Dp300 Firmware, Rp200 and 9 more | 2019-10-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds read vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service. | |||||
| CVE-2018-16667 | 1 Contiki-ng | 1 Contiki-ng. | 2019-10-02 | 4.4 MEDIUM | 7.0 HIGH |
| An issue was discovered in Contiki-NG through 4.1. There is a buffer over-read in lookup in os/storage/antelope/lvm.c while parsing AQL (lvm_register_variable, lvm_set_variable_value, create_intersection, create_union). | |||||
| CVE-2017-11060 | 1 Google | 1 Android | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_PASSPOINT_LIST and QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_LIST cfg80211 vendor commands in __wlan_hdd_cfg80211_set_passpoint_list and hdd_extscan_passpoint_fill_network_list function respectively. Android ID: A-36817548. References: QC-CR#2058447, QC-CR#2054770. | |||||
| CVE-2018-16413 | 1 Imagemagick | 1 Imagemagick | 2019-10-02 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function. | |||||
| CVE-2018-16412 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2019-10-02 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function. | |||||
| CVE-2018-16403 | 1 Elfutils Project | 1 Elfutils | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash. | |||||
| CVE-2017-11002 | 1 Google | 1 Android | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing a vendor sub-command, a buffer over-read can occur. | |||||
| CVE-2018-16368 | 1 Xpdfreader | 1 Xpdf | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | |||||
| CVE-2017-10989 | 1 Sqlite | 1 Sqlite | 2019-10-02 | 7.5 HIGH | 9.8 CRITICAL |
| The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact. | |||||
| CVE-2018-16336 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, a different vulnerability than CVE-2018-10999. | |||||
| CVE-2017-10987 | 1 Freeradius | 1 Freeradius | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buffer over-read in fr_dhcp_decode_suboptions()" and a denial of service. | |||||
| CVE-2017-10982 | 1 Freeradius | 1 Freeradius | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Buffer over-read in fr_dhcp_decode_options()" and a denial of service. | |||||
| CVE-2017-17125 | 1 Gnu | 1 Binutils | 2019-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service (_bfd_elf_get_symbol_version_string buffer over-read and application crash) or possibly have unspecified other impact via a crafted ELF file. | |||||
| CVE-2017-17080 | 1 Gnu | 1 Binutils | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of service (bfd_getl32 heap-based buffer over-read and application crash) via a crafted object file, related to elfcore_grok_netbsd_procinfo, elfcore_grok_openbsd_procinfo, and elfcore_grok_nto_status. | |||||
| CVE-2017-17066 | 2 Getkovri, I2pd | 2 Kovri, I2pd | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| The (1) i2pd before 2.17 and (2) kovri pre-alpha implementations of the I2P routing protocol do not properly handle Garlic DeliveryTypeTunnel packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading sensitive router memory, aka the GarlicRust bug. | |||||
| CVE-2017-10995 | 1 Imagemagick | 1 Imagemagick | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image. | |||||
| CVE-2017-10928 | 1 Imagemagick | 1 Imagemagick | 2019-10-02 | 6.8 MEDIUM | 8.8 HIGH |
| In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c. | |||||
| CVE-2017-16794 | 1 Swftools | 1 Swftools | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| The png_load function in lib/png.c in SWFTools 0.9.2 does not properly validate a multiplication of width and bits-per-pixel values, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file, as demonstrated by an erroneous png_load call that occurs because of incorrect integer data types in png2swf. | |||||
| CVE-2017-10687 | 1 Libsass | 1 Libsass | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| In LibSass 3.4.5, there is a heap-based buffer over-read in the function json_mkstream() in sass_context.cpp. A crafted input will lead to a remote denial of service attack. | |||||
| CVE-2017-1000173 | 1 Creolabs | 1 Gravity | 2019-10-02 | 7.5 HIGH | 9.8 CRITICAL |
| Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop whiling pushing data to a buffer, we can break out of the bounds checking of that buffer. When list.join is called on the data it will read past a buffer resulting in a Heap-Buffer-Overflow. | |||||