Total
6546 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-13055 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv(). | |||||
| CVE-2017-12985 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print(). | |||||
| CVE-2017-2975 | 1 Adobe | 1 Digital Editions | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2017-14731 | 1 Libofx Project | 1 Libofx | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| ofx_proc_file in ofx_preproc.cpp in LibOFX 0.9.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file, as demonstrated by an ofxdump call. | |||||
| CVE-2017-8268 | 1 Google | 1 Android | 2019-10-03 | 9.3 HIGH | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the camera application can possibly request frame/command buffer processing with invalid values leading to the driver performing a heap buffer over-read. | |||||
| CVE-2017-2977 | 1 Adobe | 1 Digital Editions | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2017-10989 | 1 Sqlite | 1 Sqlite | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact. | |||||
| CVE-2017-13031 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print(). | |||||
| CVE-2017-9715 | 1 Google | 1 Android | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a vendor command, a buffer over-read can occur. | |||||
| CVE-2017-9545 | 1 Mpg123 | 1 Mpg123 | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service (buffer over-read) via a crafted mp3 file. | |||||
| CVE-2018-10767 | 2 Gnome, Redhat | 5 Libgxps, Ansible Tower, Enterprise Linux Desktop and 2 more | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is a stack-based buffer over-read in calling GLib in the function gxps_images_guess_content_type of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a g_input_stream_read call. A crafted input will lead to a remote denial of service attack. | |||||
| CVE-2018-20201 | 1 Pur3 | 1 Espruino | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| There is a stack-based buffer over-read in the jsfNameFromString function of jsflash.c in Espruino 2V00, leading to a denial of service or possibly unspecified other impact via a crafted js file. | |||||
| CVE-2018-4283 | 1 Apple | 1 Mac Os X | 2019-10-03 | 4.9 MEDIUM | 5.5 MEDIUM |
| An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6. | |||||
| CVE-2017-11108 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol. | |||||
| CVE-2017-8787 | 1 Podofo Project | 1 Podofo | 2019-10-03 | 6.8 MEDIUM | 8.8 HIGH |
| The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted PDF file. | |||||
| CVE-2018-12092 | 1 Tinyexr Project | 1 Tinyexr | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| tinyexr 0.9.5 has a heap-based buffer over-read in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code. | |||||
| CVE-2018-15363 | 2 Microsoft, Trendmicro | 5 Windows, Antivirus \+ Security, Internet Security and 2 more | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability. | |||||
| CVE-2017-13022 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute(). | |||||
| CVE-2017-13053 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info(). | |||||
| CVE-2017-13038 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp(). | |||||