Search Results (9729 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-13160 1 Google 1 Android 2025-04-20 N/A
A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-37160362.
CVE-2017-13168 2 Canonical, Google 2 Ubuntu Linux, Android 2025-04-20 N/A
An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions: Android kernel. Android ID A-65023233.
CVE-2017-14226 2 Libreoffice, Libwpd 2 Libreoffice, Libwpd 2025-04-20 7.5 High
WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7. It may lead to suffering a remote attack against a LibreOffice application.
CVE-2017-14245 2 Debian, Libsndfile Project 2 Debian Linux, Libsndfile 2025-04-20 N/A
An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
CVE-2017-14246 2 Debian, Libsndfile Project 2 Debian Linux, Libsndfile 2025-04-20 N/A
An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
CVE-2017-14248 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file.
CVE-2017-14314 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2025-04-20 N/A
Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (DrawDashPolygon heap-based buffer over-read and application crash) via a crafted file.
CVE-2017-14316 1 Xen 1 Xen 2025-04-20 N/A
A parameter verification issue was discovered in Xen through 4.9.x. The function `alloc_heap_pages` allows callers to specify the first NUMA node that should be used for allocations through the `memflags` parameter; the node is extracted using the `MEMF_get_node` macro. While the function checks to see if the special constant `NUMA_NO_NODE` is specified, it otherwise does not handle the case where `node >= MAX_NUMNODES`. This allows an out-of-bounds access to an internal array.
CVE-2017-14410 1 Mp3gain 1 Mp3gain 2025-04-20 N/A
A buffer over-read was discovered in III_i_stereo in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service.
CVE-2017-14408 1 Mp3gain 1 Mp3gain 2025-04-20 N/A
A stack-based buffer over-read was discovered in dct36 in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service.
CVE-2017-14931 1 Openexif Project 1 Openexif 2025-04-20 N/A
ExifImageFile::readDQT in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted JPEG file.
CVE-2017-14939 1 Gnu 1 Binutils 2025-04-20 N/A
decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles a length calculation, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to read_1_byte.
CVE-2017-14976 2 Debian, Freedesktop 2 Debian Linux, Poppler 2025-04-20 N/A
The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bounds font dictionary index is encountered, which allows an attacker to launch a denial of service attack.
CVE-2017-15018 1 Lame Project 1 Lame 2025-04-20 5.5 Medium
LAME 3.99.5, 3.99.4, 3.99.3, 3.99.2, 3.99.1, 3.99, 3.98.4, 3.98.2 and 3.98 have a heap-based buffer over-read when handling a malformed file in k_34_4 in vbrquantize.c.
CVE-2017-15020 1 Gnu 1 Binutils 2025-04-20 N/A
dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file, related to parse_die and parse_line_table, as demonstrated by a parse_die heap-based buffer over-read.
CVE-2017-15021 1 Gnu 1 Binutils 2025-04-20 N/A
bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to bfd_getl32.
CVE-2017-15037 1 Freebsd 1 Freebsd 2025-04-20 N/A
In FreeBSD through 11.1, the smb_strdupin function in sys/netsmb/smb_subr.c has a race condition with a resultant out-of-bounds read, because it can cause t2p->t_name strings to lack a final '\0' character.
CVE-2017-15045 1 Lame Project 1 Lame 2025-04-20 N/A
LAME 3.99, 3.99.1, 3.99.2, 3.99.3, 3.99.4, 3.99.5, 3.98.4, 3.98.2 and 3.98 has a heap-based buffer over-read in fill_buffer in libmp3lame/util.c, related to lame_encode_buffer_sample_t in libmp3lame/lame.c, a different vulnerability than CVE-2017-9410.
CVE-2017-15672 2 Debian, Ffmpeg 2 Debian Linux, Ffmpeg 2025-04-20 N/A
The read_header function in libavcodec/ffv1dec.c in FFmpeg 2.4 and 3.3.4 and possibly earlier allows remote attackers to have unspecified impact via a crafted MP4 file, which triggers an out-of-bounds read.
CVE-2017-16353 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2025-04-20 N/A
GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile information contained in the image. This vulnerability can be triggered with a specially crafted MIFF file. There is an out-of-bounds buffer dereference because certain increments are never checked.