Export limit exceeded: 361486 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361486 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 15928 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (15928 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-12283 | 1 Cisco | 4 Aironet 3800 Firmware, Aironet 3800e, Aironet 3800i and 1 more | 2025-04-20 | N/A |
| A vulnerability in the handling of 802.11w Protected Management Frames (PAF) by Cisco Aironet 3800 Series Access Points could allow an unauthenticated, adjacent attacker to terminate a valid user connection to an affected device, aka Denial of Service. The vulnerability exists because the affected device does not properly validate 802.11w PAF disassociation and deauthentication frames that it receives. An attacker could exploit this vulnerability by sending a spoofed 802.11w PAF frame from a valid, authenticated client on an adjacent network to an affected device. A successful exploit could allow the attacker to terminate a single valid user connection to the affected device. This vulnerability affects Access Points that are configured to run in FlexConnect mode. Cisco Bug IDs: CSCvc20627. | ||||
| CVE-2017-12418 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c. | ||||
| CVE-2017-12420 | 1 Netapp | 1 Clustered Data Ontap | 2025-04-20 | N/A |
| Heap-based buffer overflow in the SMB implementation in NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allows remote authenticated users to cause a denial of service or execute arbitrary code. | ||||
| CVE-2017-14493 | 5 Canonical, Debian, Opensuse and 2 more | 9 Ubuntu Linux, Debian Linux, Leap and 6 more | 2025-04-20 | N/A |
| Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request. | ||||
| CVE-2017-6688 | 1 Cisco | 1 Elastic Services Controller | 2025-04-20 | N/A |
| A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux root user, aka an Insecure Default Password Vulnerability. More Information: CSCvc76631. Known Affected Releases: 2.2(9.76). | ||||
| CVE-2017-7117 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||
| CVE-2017-14505 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input. | ||||
| CVE-2017-12562 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2025-04-20 | 9.8 Critical |
| Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2017-12662 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 8.8 High |
| ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/pdf.c. | ||||
| CVE-2017-12663 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 8.8 High |
| ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage in coders/map.c. | ||||
| CVE-2017-14563 | 1 Stdutility | 1 Stdu Viewer | 2025-04-20 | N/A |
| STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "Read Access Violation on Block Data Move starting at STDUXPSFile!DllUnregisterServer+0x0000000000005311." | ||||
| CVE-2017-14564 | 1 Stdutility | 1 Stdu Viewer | 2025-04-20 | N/A |
| STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at STDUXPSFile!DllUnregisterServer+0x0000000000028657." | ||||
| CVE-2017-14565 | 1 Stdutility | 1 Stdu Viewer | 2025-04-20 | N/A |
| STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to a "Possible Stack Corruption starting at Unknown Symbol @ 0x00000000038f2fbf called from image00000000_00400000+0x0000000000240065." | ||||
| CVE-2017-14566 | 1 Stdutility | 1 Stdu Viewer | 2025-04-20 | N/A |
| STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV starting at Unknown Symbol @ 0x00000000039d76c4 called from Unknown Symbol @ 0x0000000000049d2c." | ||||
| CVE-2017-14567 | 1 Stdutility | 1 Stdu Viewer | 2025-04-20 | N/A |
| STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x00000000028c024d called from STDUXPSFile!DllUnregisterServer+0x000000000002e77b." | ||||
| CVE-2017-12786 | 1 Noviflow | 1 Noviware | 2025-04-20 | N/A |
| Network interfaces of the cliengine and noviengine services, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. This could be leveraged by remote, unauthenticated attackers to gain resultant privileged (root) code execution on the switch, because there is a stack-based buffer overflow during unserialization of packet data. | ||||
| CVE-2017-12787 | 1 Noviflow | 1 Noviware | 2025-04-20 | N/A |
| A network interface of the novi_process_manager_daemon service, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. This could be leveraged by remote, unauthenticated attackers to gain resultant privileged (root) code execution on the switch, because incoming packet data can contain embedded OS commands, and can also trigger a stack-based buffer overflow. | ||||
| CVE-2017-12820 | 1 Sentinel | 1 Sentinel Ldk Rte Firmware | 2025-04-20 | N/A |
| Arbitrary memory read from controlled memory pointer in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service. | ||||
| CVE-2017-9669 | 1 Alpinelinux | 1 Alpine Linux | 2025-04-20 | N/A |
| A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution by crafting a malicious APKINDEX.tar.gz file. | ||||
| CVE-2017-12840 | 1 Deslock | 1 Deslock\+ | 2025-04-20 | N/A |
| A kernel driver, namely DLMFENC.sys, bundled with the DESLock+ client application 4.8.16 and earlier contains a locally exploitable heap based buffer overflow in the handling of an IOCTL message of type 0x0FA4204. The vulnerability is present due to the kernel driver failing to allocate sufficient memory on the kernel heap to contain a user supplied string as such the string is copied into a buffer of constant size (0x1000-bytes) and thus an overflow condition results. Access to the kernel driver is permitted through an obfuscated interface whereby bytes of user supplied message are "authenticated" via an obfuscation routine employing a linear equation. | ||||