Search Results (10052 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-12562 2 Debian, Libsndfile Project 2 Debian Linux, Libsndfile 2025-04-20 9.8 Critical
Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
CVE-2017-12136 3 Citrix, Debian, Xen 3 Xenserver, Debian Linux, Xen 2025-04-20 N/A
Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling.
CVE-2017-10355 4 Debian, Netapp, Oracle and 1 more 34 Debian Linux, Active Iq Unified Manager, Cloud Backup and 31 more 2025-04-20 5.3 Medium
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVE-2017-10357 4 Debian, Netapp, Oracle and 1 more 33 Debian Linux, Active Iq Unified Manager, Cloud Backup and 30 more 2025-04-20 5.3 Medium
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVE-2017-10356 4 Debian, Netapp, Oracle and 1 more 33 Debian Linux, Active Iq Unified Manager, Cloud Backup and 30 more 2025-04-20 6.2 Medium
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded, JRockit executes to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
CVE-2017-9935 3 Canonical, Debian, Libtiff 3 Ubuntu Linux, Debian Linux, Libtiff 2025-04-20 N/A
In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_free, memory corruption in t2p_readwrite_pdf_image, or a double free in t2p_free. Given these possibilities, it probably could cause arbitrary code execution.
CVE-2017-15575 2 Debian, Redmine 2 Debian Linux, Redmine 2025-04-20 N/A
In Redmine before 3.2.6 and 3.3.x before 3.3.3, Redmine.pm lacks a check for whether the Repository module is enabled in a project's settings, which might allow remote attackers to obtain sensitive differences information or possibly have unspecified other impact.
CVE-2017-14604 3 Debian, Gnome, Redhat 3 Debian Linux, Nautilus, Enterprise Linux 2025-04-20 6.5 Medium
GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by using the .desktop file extension, as demonstrated by an attack in which a .desktop file's Name field ends in .pdf but this file's Exec field launches a malicious "sh -c" command. In other words, Nautilus provides no UI indication that a file actually has the potentially unsafe .desktop extension; instead, the UI only shows the .pdf extension. One (slightly) mitigating factor is that an attack requires the .desktop file to have execute permission. The solution is to ask the user to confirm that the file is supposed to be treated as a .desktop file, and then remember the user's answer in the metadata::trusted field.
CVE-2017-6834 2 Audiofile, Debian 2 Audiofile, Debian Linux 2025-04-20 5.5 Medium
Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
CVE-2017-17789 3 Canonical, Debian, Gimp 3 Ubuntu Linux, Debian Linux, Gimp 2025-04-20 7.8 High
In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.
CVE-2017-0379 2 Debian, Gnupg 2 Debian Linux, Libgcrypt 2025-04-20 N/A
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c.
CVE-2017-17784 3 Canonical, Debian, Gimp 3 Ubuntu Linux, Debian Linux, Gimp 2025-04-20 7.8 High
In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data.
CVE-2017-12629 4 Apache, Canonical, Debian and 1 more 9 Solr, Ubuntu Linux, Debian Linux and 6 more 2025-04-20 9.8 Critical
Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external entity expansion vulnerability occurs in the XML Query Parser which is available, by default, for any query request with parameters deftype=xmlparser and can be exploited to upload malicious data to the /upload request handler or as Blind XXE using ftp wrapper in order to read arbitrary local files from the Solr server. Note also that the second vulnerability relates to remote code execution using the RunExecutableListener available on all affected versions of Solr.
CVE-2017-17760 2 Debian, Opencv 2 Debian Linux, Opencv 2025-04-20 6.5 Medium
OpenCV 3.3.1 has a Buffer Overflow in the cv::PxMDecoder::readData function in grfmt_pxm.cpp, because an incorrect size value is used.
CVE-2017-14733 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2025-04-20 N/A
ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
CVE-2017-14737 2 Botan Project, Debian 2 Botan, Debian Linux 2025-04-20 5.5 Medium
A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array is indexed with bits derived from a secret key.
CVE-2017-6801 2 Debian, Ytnef Project 2 Debian Linux, Ytnef 2025-04-20 N/A
An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef.
CVE-2017-14494 5 Canonical, Debian, Novell and 2 more 9 Ubuntu Linux, Debian Linux, Leap and 6 more 2025-04-20 N/A
dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.
CVE-2016-2371 3 Canonical, Debian, Pidgin 3 Ubuntu Linux, Debian Linux, Pidgin 2025-04-20 N/A
An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could cause memory corruption resulting in code execution.
CVE-2017-12809 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-20 6.5 Medium
QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by flushing an empty CDROM device drive.