Total
3980 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-17879 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2019-10-02 | 6.8 MEDIUM | 8.8 HIGH |
| In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error. | |||||
| CVE-2017-17818 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c. | |||||
| CVE-2017-17887 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which allows attackers to cause a denial of service via a crafted MNG image file that is processed by ReadOneMNGImage. | |||||
| CVE-2017-17680 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file. | |||||
| CVE-2017-15218 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c. | |||||
| CVE-2017-15217 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c. | |||||
| CVE-2017-15130 | 3 Canonical, Debian, Dovecot | 3 Ubuntu Linux, Debian Linux, Dovecot | 2019-10-02 | 4.3 MEDIUM | 5.9 MEDIUM |
| A denial of service flaw was found in dovecot before 2.2.34. An attacker able to generate random SNI server names could exploit TLS SNI configuration lookups, leading to excessive memory usage and the process to restart. | |||||
| CVE-2017-15033 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c. | |||||
| CVE-2017-15032 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 7.5 HIGH | 9.8 CRITICAL |
| ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c. | |||||
| CVE-2017-17812 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read in the function detoken() in asm/preproc.c that will cause a remote denial of service attack. | |||||
| CVE-2017-14533 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c. | |||||
| CVE-2017-14531 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 7.1 HIGH | 6.5 MEDIUM |
| ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c. | |||||
| CVE-2017-14495 | 5 Canonical, Debian, Novell and 2 more | 7 Ubuntu Linux, Debian Linux, Leap and 4 more | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation. | |||||
| CVE-2017-14343 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file. | |||||
| CVE-2017-14326 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file. | |||||
| CVE-2017-14325 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 7.1 HIGH | 6.5 MEDIUM |
| In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file. | |||||
| CVE-2017-14176 | 2 Canonical, Debian | 3 Bazaar, Ubuntu Linux, Debian Linux | 2019-10-02 | 9.3 HIGH | 8.8 HIGH |
| Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117. | |||||
| CVE-2017-13305 | 3 Canonical, Debian, Google | 3 Ubuntu Linux, Debian Linux, Android | 2019-10-02 | 3.6 LOW | 7.1 HIGH |
| A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974. | |||||
| CVE-2017-13168 | 2 Canonical, Google | 2 Ubuntu Linux, Android | 2019-10-02 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions: Android kernel. Android ID A-65023233. | |||||
| CVE-2017-13088 | 7 Canonical, Debian, Freebsd and 4 more | 12 Ubuntu Linux, Debian Linux, Freebsd and 9 more | 2019-10-02 | 2.9 LOW | 5.3 MEDIUM |
| Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. | |||||