CVE-2017-14624
critical
9.8
9.8
FIX
debian debian ubuntu ubuntu
imagemagick
9y ago
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.
CVE-2015-6673
critical
9.8
9.8
FIX
debian debian
libpgf
9y ago
Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32.
CVE-2017-14608
critical
9.1
9.1
FIX
sles debian debian
libraw
9y ago
In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to …
CVE-2017-12883
critical
9.1
9.1
FIX
arch arch sles debian debian
perl
9y ago
Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of se…
CVE-2017-14532
critical
9.8
9.8
FIX
debian debian ubuntu ubuntu
imagemagick
9y ago
ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.
CVE-2017-13725
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
CVE-2017-13690
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
CVE-2017-13689
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().
CVE-2017-13688
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().
CVE-2017-13687
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
CVE-2017-13055
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().
CVE-2017-13054
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().
CVE-2017-13053
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().
CVE-2017-13052
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print().
CVE-2017-13051
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
CVE-2017-13050
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().
CVE-2017-13049
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().
CVE-2017-13048
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
CVE-2017-13047
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
CVE-2017-13046
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
CVE-2017-13045
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().
CVE-2017-13044
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().
CVE-2017-13043
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().
CVE-2017-13042
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print().
CVE-2017-13041
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().
CVE-2017-13040
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.
CVE-2017-13039
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
CVE-2017-13038
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().
CVE-2017-13037
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts().
CVE-2017-13036
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().
CVE-2017-13035
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().
CVE-2017-13034
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
CVE-2017-13033
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
CVE-2017-13032
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().
CVE-2017-13031
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().
CVE-2017-13030
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.
CVE-2017-13029
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().
CVE-2017-13028
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().
CVE-2017-13027
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().
CVE-2017-13026
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions.
CVE-2017-13025
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
CVE-2017-13024
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
CVE-2017-13023
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
CVE-2017-13022
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().
CVE-2017-13021
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().
CVE-2017-13020
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
CVE-2017-13019
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
CVE-2017-13018
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
CVE-2017-13017
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().
CVE-2017-13016
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
CVE-2017-13015
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print().
CVE-2017-13014
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions.
CVE-2017-13013
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.
CVE-2017-13012
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
CVE-2017-13011
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer overflow in util-print.c:bittok2str_internal().
CVE-2017-13010
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().
CVE-2017-13009
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print().
CVE-2017-13008
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
CVE-2017-13007
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print().
CVE-2017-13006
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.
CVE-2017-13005
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().
CVE-2017-13004
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().
CVE-2017-13003
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print().
CVE-2017-13002
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().
CVE-2017-13001
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().
CVE-2017-13000
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().
CVE-2017-12999
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().
CVE-2017-12998
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_extd_ip_reach().
CVE-2017-12997
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print().
CVE-2017-12996
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().
CVE-2017-12995
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().
CVE-2017-12994
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
CVE-2017-12993
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions.
CVE-2017-12992
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().
CVE-2017-12991
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
CVE-2017-12990
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions.
CVE-2017-12988
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().
CVE-2017-12987
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
CVE-2017-12986
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
CVE-2017-12985
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().
CVE-2017-12902
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.
CVE-2017-12901
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().
CVE-2017-12900
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf().
CVE-2017-12899
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
CVE-2017-12898
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().
CVE-2017-12897
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().
CVE-2017-12896
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().
CVE-2017-12895
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
CVE-2017-12894
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().
CVE-2017-12893
critical
9.8
9.8
FIX
arch arch sles debian debian
tcpdump
9y ago
The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().
CVE-2017-11462
critical
9.8
9.8
FIX
arch arch sles debian debian
mit
9y ago
Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.
CVE-2015-5206
critical
9.8
9.8
FIX
debian debian
apache
9y ago
Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server before 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5168.
CVE-2015-5168
critical
9.8
9.8
FIX
debian debian
apache
9y ago
Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5206.
CVE-2017-14265
critical
9.8
9.8
FIX
arch arch sles debian debian
libraw
9y ago
A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3. It could allow a remote denial of service or code execution attack.
CVE-2017-14230
critical
9.1
9.1
FIX
sles debian debian
cyrus
9y ago
In the mboxlist_do_find function in imap/mboxlist.c in Cyrus IMAP before 3.0.4, an off-by-one error in prefix calculation for the LIST command caused use of uninitialized memory, which might allow re…
CVE-2015-3991
critical
9.8
9.8
FIX
debian debian
strongswan
9y ago
strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code.
CVE-2017-14138
critical
9.8
9.8
FIX
sles debian debian
imagemagick
9y ago
ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors.
CVE-2017-14122
critical
9.1
9.1
FIX
debian debian
rarlab
9y ago
unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp.
CVE-2017-14100
critical
9.8
9.8
FIX
debian debian
digium
9y ago
In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized command execution is possible. Th…
CVE-2017-12873
critical
9.8
9.8
FIX
debian debian
simplesamlphp
9y ago
SimpleSAMLphp 1.7.0 through 1.14.10 might allow attackers to obtain sensitive information, gain unauthorized access, or have unspecified other impacts by leveraging incorrect persistent NameID genera…