Total: 4813 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-12956 | 1 Exiv2 | 1 Exiv2 | 2017-08-22 | 4.3 MEDIUM | 6.5 MEDIUM |
There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp of libexiv2 in Exiv2 0.26 that will lead to remote denial of service. | |||||
CVE-2017-11662 | 1 Mindwerks | 1 Wildmidi | 2017-08-21 | 5.0 MEDIUM | 7.5 HIGH |
The _WM_ParseNewMidi function in f_midi.c in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file. | |||||
CVE-2017-11663 | 1 Mindwerks | 1 Wildmidi | 2017-08-21 | 4.3 MEDIUM | 6.5 MEDIUM |
The _WM_SetupMidiEvent function in internal_midi.c:2315 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file. | |||||
CVE-2017-11661 | 1 Mindwerks | 1 Wildmidi | 2017-08-21 | 5.0 MEDIUM | 7.5 HIGH |
The _WM_SetupMidiEvent function in internal_midi.c:2318 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file. | |||||
CVE-2017-12963 | 1 Libsass | 1 Libsass | 2017-08-21 | 5.0 MEDIUM | 7.5 HIGH |
There is an illegal address access in Sass::Eval::operator() in eval.cpp of LibSass 3.4.5, leading to a remote denial of service attack. NOTE: this is similar to CVE-2017-11555 but remains exploitable after the vendor's CVE-2017-11555 fix (available from GitHub after 2017-07-24). | |||||
CVE-2017-8258 | 1 Google | 1 Android | 2017-08-16 | 4.3 MEDIUM | 5.5 MEDIUM |
An array out-of-bounds access in all Qualcomm products with Android releases from CAF using the Linux kernel can potentially occur in a camera driver. | |||||
CVE-2017-11669 | 1 Eapmd5pass Project | 1 Eapmd5pass | 2017-08-14 | 5.0 MEDIUM | 7.5 HIGH |
An out-of-bounds read flaw related to the assess_packet function in eapmd5pass.c:211 was found in the way eapmd5pass 1.4 handled processing of network packets. A remote attacker could potentially use this flaw to crash the eapmd5pass process under certain circumstances by generating specially crafted network traffic. | |||||
CVE-2017-11670 | 1 Eapmd5pass Project | 1 Eapmd5pass | 2017-08-14 | 5.0 MEDIUM | 7.5 HIGH |
A length validation (leading to out-of-bounds read and write) flaw was found in the way eapmd5pass 1.4 handled network traffic in the extract_eapusername function. A remote attacker could potentially use this flaw to crash the eapmd5pass process by generating specially crafted network traffic. | |||||
CVE-2017-11668 | 1 Eapmd5pass Project | 1 Eapmd5pass | 2017-08-14 | 5.0 MEDIUM | 7.5 HIGH |
An out-of-bounds read flaw related to the assess_packet function in eapmd5pass.c:134 was found in the way eapmd5pass 1.4 handled processing of network packets. A remote attacker could potentially use this flaw to crash the eapmd5pass process under certain circumstances by generating specially crafted network traffic. | |||||
CVE-2017-12067 | 1 Potrace Project | 1 Potrace | 2017-08-09 | 5.0 MEDIUM | 7.5 HIGH |
Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic function in mkbitmap.c. | |||||
CVE-2017-9770 | 1 Razerzone | 1 Razer Synapse | 2017-08-09 | 2.1 LOW | 5.5 MEDIUM |
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse that can cause an out of bounds read operation to occur due to a field within the IOCTL data being used as a length. | |||||
CVE-2017-11367 | 1 Shoco Project | 1 Shoco | 2017-08-07 | 5.0 MEDIUM | 7.5 HIGH |
The shoco_decompress function in the API in shoco through 2017-07-17 allows remote attackers to cause a denial of service (buffer over-read and application crash) via malformed compressed data. | |||||
CVE-2017-12449 | 1 Gnu | 1 Binutils | 2017-08-07 | 6.8 MEDIUM | 7.8 HIGH |
The _bfd_vms_save_sized_string function in vms-misc.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms file. | |||||
CVE-2017-12451 | 1 Gnu | 1 Binutils | 2017-08-07 | 6.8 MEDIUM | 7.8 HIGH |
The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file. | |||||
CVE-2017-12452 | 1 Gnu | 1 Binutils | 2017-08-07 | 6.8 MEDIUM | 7.8 HIGH |
The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file. | |||||
CVE-2017-12453 | 1 Gnu | 1 Binutils | 2017-08-07 | 6.8 MEDIUM | 7.8 HIGH |
The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file. | |||||
CVE-2017-11119 | 1 Nosefart Project | 1 Nosefart | 2017-08-07 | 4.3 MEDIUM | 5.5 MEDIUM |
The chk_mem_access function in cpu/nes6502/nes6502.c in libnosefart.a in Nosefart 2.9-mls allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted nsf file. | |||||
CVE-2017-11114 | 1 Twibright | 1 Links | 2017-08-07 | 4.3 MEDIUM | 5.5 MEDIUM |
The put_chars function in html_r.c in Twibright Links 2.14 allows remote attackers to cause a denial of service (buffer over-read) via a crafted HTML file. | |||||
CVE-2017-12458 | 1 Gnu | 1 Binutils | 2017-08-07 | 6.8 MEDIUM | 7.8 HIGH |
The nlm_swap_auxiliary_headers_in function in bfd/nlmcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted nlm file. | |||||
CVE-2017-12454 | 1 Gnu | 1 Binutils | 2017-08-07 | 6.8 MEDIUM | 7.8 HIGH |
The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file. |