Export limit exceeded: 363304 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 23172 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (23172 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-0438 2 Google, Linux 2 Android, Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32402604. References: QC-CR#1092497.
CVE-2017-0439 2 Google, Linux 2 Android, Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32450647. References: QC-CR#1092059.
CVE-2017-0440 2 Google, Linux 2 Android, Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33252788. References: QC-CR#1095770.
CVE-2017-0442 2 Google, Linux 2 Android, Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32871330. References: QC-CR#1092497.
CVE-2017-0465 2 Google, Linux 2 Android, Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34112914. References: QC-CR#1110747.
CVE-2017-9835 2 Artifex, Debian 2 Ghostscript, Debian Linux 2025-04-20 N/A
The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer overflow check in base/gsalloc.c.
CVE-2017-8818 1 Haxx 2 Curl, Libcurl 2025-04-20 N/A
curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact because too little memory is allocated for interfacing to an SSL library.
CVE-2017-9454 1 Resiprocate 1 Resiprocate 2025-04-20 7.5 High
Buffer overflow in the ares_parse_a_reply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted DNS response.
CVE-2017-7960 1 Gnome 1 Libcroco 2025-04-20 N/A
The cr_input_new_from_uri function in cr-input.c in libcroco 0.6.11 and 0.6.12 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted CSS file.
CVE-2017-7910 1 Digital Canal Structural 1 Wind Analysis 2025-04-20 N/A
A Stack-Based Buffer Overflow issue was discovered in Digital Canal Structural Wind Analysis versions 9.1 and prior. An attacker may be able to run arbitrary code by remotely exploiting an executable to perform a denial-of-service attack.
CVE-2017-7882 1 Libreoffice 1 Libreoffice 2025-04-20 N/A
LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx.
CVE-2017-7868 2 Debian, Icu-project 2 Debian Linux, International Components For Unicode 2025-04-20 N/A
International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.
CVE-2017-7857 1 Freetype 1 Freetype 2025-04-20 9.8 Critical
FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
CVE-2017-7856 1 Libreoffice 1 Libreoffice 2025-04-20 N/A
LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx.
CVE-2017-7036 1 Apple 1 Mac Os X 2025-04-20 N/A
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
CVE-2017-6969 1 Gnu 1 Binutils 2025-04-20 N/A
readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well.
CVE-2017-6965 1 Gnu 1 Binutils 2025-04-20 N/A
readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow.
CVE-2017-6891 3 Apache, Debian, Gnu 3 Bookkeeper, Debian Linux, Libtasn1 2025-04-20 8.8 High
Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility.
CVE-2017-10942 1 Foxitsoftware 1 Foxit Reader 2025-04-20 N/A
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-4737.
CVE-2017-10943 1 Foxitsoftware 1 Foxit Reader 2025-04-20 N/A
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-4738.