Total
13909 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-9669 | 1 Alpinelinux | 1 Alpine Linux | 2025-04-20 | N/A |
| A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution by crafting a malicious APKINDEX.tar.gz file. | ||||
| CVE-2017-9671 | 1 Alpinelinux | 1 Alpine Linux | 2025-04-20 | N/A |
| A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file with a bad pax header block. | ||||
| CVE-2017-9742 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The score_opcodes function in opcodes/score7-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. | ||||
| CVE-2017-11869 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2025-04-20 | N/A |
| Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how Microsoft browsers handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | ||||
| CVE-2017-9047 | 2 Redhat, Xmlsoft | 2 Jboss Core Services, Libxml2 | 2025-04-20 | N/A |
| A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. The variable len is assigned strlen(buf). If the content->type is XML_ELEMENT_CONTENT_ELEMENT, then (i) the content->prefix is appended to buf (if it actually fits) whereupon (ii) content->name is written to the buffer. However, the check for whether the content->name actually fits also uses 'len' rather than the updated buffer length strlen(buf). This allows us to write about "size" many bytes beyond the allocated memory. This vulnerability causes programs that use libxml2, such as PHP, to crash. | ||||
| CVE-2017-9126 | 1 Libquicktime | 1 Libquicktime | 2025-04-20 | N/A |
| The quicktime_read_dref_table function in dref.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted mp4 file. | ||||
| CVE-2017-9151 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | N/A |
| libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the pnm_load_ascii function in input-pnm.c:303:12. | ||||
| CVE-2017-9153 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | N/A |
| libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the pnm_load_rawpbm function in input-pnm.c:391:13. | ||||
| CVE-2017-9160 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | N/A |
| libautotrace.a in AutoTrace 0.31.1 has a stack-based buffer overflow in the pnmscanner_gettoken function in input-pnm.c:458:12. | ||||
| CVE-2017-9163 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | N/A |
| libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in pxl-outline.c:106:54. | ||||
| CVE-2017-9191 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | N/A |
| libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the rle_fread function in input-tga.c:252:15. | ||||
| CVE-2017-9192 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | N/A |
| libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-tga.c:528:7. | ||||
| CVE-2017-9300 | 1 Videolan | 1 Vlc Media Player | 2025-04-20 | N/A |
| plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted FLAC file. | ||||
| CVE-2017-10739 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2025-04-20 | N/A |
| XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000000c1b541c called from xnview+0x00000000003826ec." | ||||
| CVE-2017-10741 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2025-04-20 | N/A |
| XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpWaitOnCriticalSection+0x0000000000000121." | ||||
| CVE-2017-10744 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2025-04-20 | N/A |
| XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Read Access Violation on Control Flow starting at COMCTL32!CToolTipsMgr::s_ToolTipsWndProc+0x0000000000000032." | ||||
| CVE-2017-10746 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2025-04-20 | N/A |
| XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlEnterCriticalSection+0x0000000000000012." | ||||
| CVE-2017-9348 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-dof.c by validating a size value. | ||||
| CVE-2017-10751 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2025-04-20 | N/A |
| XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at GDI32!GenericEngineGetGlyphs+0x0000000000000133." | ||||
| CVE-2017-10753 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2025-04-20 | N/A |
| XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpFindLoadedDllByMapping+0x0000000000000046." | ||||