Search Results (10202 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-8112 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-20 6.5 Medium
hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count.
CVE-2017-8343 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 N/A
In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8344 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 N/A
In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8345 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 N/A
In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8346 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 N/A
In ImageMagick 7.0.5-5, the ReadDCMImage function in dcm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8347 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 N/A
In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8348 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 N/A
In ImageMagick 7.0.5-5, the ReadMATImage function in mat.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-8365 2 Debian, Libsndfile Project 2 Debian Linux, Libsndfile 2025-04-20 N/A
The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.
CVE-2017-8379 3 Debian, Qemu, Redhat 3 Debian Linux, Qemu, Openstack 2025-04-20 6.5 Medium
Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events.
CVE-2017-8810 2 Debian, Mediawiki 2 Debian Linux, Mediawiki 2025-04-20 N/A
MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2, when a private wiki is configured, provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names and conduct brute-force attacks via a series of requests.
CVE-2017-8811 2 Debian, Mediawiki 2 Debian Linux, Mediawiki 2025-04-20 N/A
The implementation of raw message parameter expansion in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows HTML mangling attacks.
CVE-2017-8812 2 Debian, Mediawiki 2 Debian Linux, Mediawiki 2025-04-20 N/A
MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows remote attackers to inject > (greater than) characters via the id attribute of a headline.
CVE-2017-8814 2 Debian, Mediawiki 2 Debian Linux, Mediawiki 2025-04-20 N/A
The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attackers to replace text inside tags via a rule definition followed by "a lot of junk."
CVE-2017-8815 2 Debian, Mediawiki 2 Debian Linux, Mediawiki 2025-04-20 N/A
The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attribute injection attacks via glossary rules.
CVE-2017-8846 2 Debian, Long Range Zip Project 2 Debian Linux, Long Range Zip 2025-04-20 5.5 Medium
The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive.
CVE-2017-8849 2 Debian, Smb4k Project 2 Debian Linux, Smb4k 2025-04-20 N/A
smb4k before 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service.
CVE-2017-9078 3 Debian, Dropbear Ssh Project, Netapp 4 Debian Linux, Dropbear Ssh, H410c and 1 more 2025-04-20 8.8 High
The server in Dropbear before 2017.75 might allow post-authentication root remote code execution because of a double free in cleanup of TCP listeners when the -a option is enabled.
CVE-2017-9079 2 Debian, Dropbear Ssh Project 2 Debian Linux, Dropbear Ssh 2025-04-20 N/A
Dropbear before 2017.75 might allow local users to read certain files as root, if the file has the authorized_keys file format with a command= option. This occurs because ~/.ssh/authorized_keys is read with root privileges and symlinks are followed.
CVE-2017-9141 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 6.5 Medium
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c.
CVE-2017-9142 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 6.5 Medium
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c.