VIR Vulnerability Intelligence Relay

Search

Found 17,004 results in 3688ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2017-15804 critical 9.8 9.8 FIX slesdebian debian gnu 9y ago The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.
CVE-2011-1935 critical 9.8 9.8 FIX debian debian tcpdump 9y ago pcap-linux.c in libpcap 1.1.1 before commit ea9432fabdf4b33cbc76d9437200e028f1c47c93 when snaplen is set may truncate packets, which might allow remote attackers to send arbitrary data while avoiding…
CVE-2017-15670 critical 9.8 9.8 FIX arch arch slesdebian debian gnu 9y ago The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories u…
CVE-2017-10346 critical 9.6 9.6 FIX sles rheldebian debian oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u14…
CVE-2017-10285 critical 9.6 9.6 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. E…
CVE-2017-8805 critical 9.1 9.1 FIX debian debian debian 9y ago Debian ftpsync before 20171017 does not use the rsync --safe-links option, which allows remote attackers to conduct directory traversal attacks via a crafted upstream mirror.
CVE-2015-7687 critical 9.8 9.8 FIX debian debianfedora fedora openbsd 9y ago Use-after-free vulnerability in OpenSMTPD before 5.7.2 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving req_ca_vrfy_smtp and req_ca_vrfy_mt…
CVE-2017-14952 critical 9.8 9.8 FIX arch arch slesdebian debian icu-project 9y ago Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector …
CVE-2017-12629 critical 9.8 10.0 EXPFIX debian debianubuntu ubuntu rhel apacheredhat 9y ago Remote code execution occurs in Apache Solr
CVE-2008-7315 critical 9.8 9.8 FIX debian debian cpan 9y ago UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands.
CVE-2014-9474 critical 9.8 9.8 FIX debian debian mpfr 9y ago Buffer overflow in the mpfr_strtofr function in GNU MPFR before 3.1.2-p11 allows context-dependent attackers to have unspecified impact via vectors related to incorrect documentation for mpn_set_str.
CVE-2017-0903 critical 9.8 9.8 FIX slesubuntu ubuntudebian debian rubygems 9y ago RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted…
CVE-2017-15047 critical 9.8 9.8 FIX debian debian redislabsredis 9y ago The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows attackers to cause a denial of service (out-of-bounds array index and application crash) or possibly have unspecified other impact by…
CVE-2017-15041 critical 9.8 9.8 FIX arch archdebian debian rhel golangredhat 9y ago Remote command execution via "go get" in cmd/go
CVE-2017-15032 critical 9.8 9.8 FIX slesdebian debianubuntu ubuntu imagemagick 9y ago ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
CVE-2017-14491 critical 9.8 10.0 EXPFIX arch arch slesdebian debian thekelleyssusenvidia 9y ago multiple issues in dnsmasq
CVE-2017-12166 critical 9.8 9.8 FIX slesarch archdebian debian openvpn 9y ago OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution.
CVE-2017-0822 critical 9.8 9.8 debian debian 9y ago An elevation of privilege vulnerability in the Android system (camera). Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63787722.
CVE-2017-14493 critical 9.8 10.0 EXPFIX arch arch slesdebian debian thekelleys 9y ago multiple issues in dnsmasq
CVE-2017-14492 critical 9.8 10.0 EXPFIX arch arch slesdebian debian thekelleys 9y ago multiple issues in dnsmasq
CVE-2017-12814 critical 9.8 9.8 FIX debian debian perl 9y ago Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 on Windows allows attackers to execute arbitrary code via a long en…
CVE-2015-7510 critical 9.8 9.8 FIX debian debian systemd_project 9y ago Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd.
CVE-2012-6696 critical 9.8 9.8 FIX debian debian inspircd 9y ago inspircd in Debian before 2.0.7 does not properly handle unsigned integers. NOTE: This vulnerability exists because of an incomplete fix to CVE-2012-1836.
CVE-2017-14723 critical 9.8 9.8 FIX debian debian wordpress 9y ago Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb->prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injec…
CVE-2017-7544 critical 9.1 9.1 FIX arch arch slesdebian debian libexif_project 9y ago libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data …
CVE-2017-12170 critical 9.8 9.8 FIX fedora fedoradebian debian pureftpd 9y ago Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with defau…
CVE-2015-5284 critical 9.8 9.8 FIX debian debian freeipa 9y ago ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc/httpd/alias/kra-agent.pem, which is world readable.
CVE-2017-14632 critical 9.8 9.8 FIX arch arch slesdebian debian xiph.org 9y ago Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 5501…
CVE-2017-14626 critical 9.8 9.8 FIX debian debianubuntu ubuntu imagemagick 9y ago ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.
CVE-2017-14625 critical 9.8 9.8 FIX debian debianubuntu ubuntu imagemagick 9y ago ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c.
CVE-2017-14624 critical 9.8 9.8 FIX debian debianubuntu ubuntu imagemagick 9y ago ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.
CVE-2015-6673 critical 9.8 9.8 FIX debian debian libpgf 9y ago Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32.
CVE-2017-14608 critical 9.1 9.1 FIX slesdebian debian libraw 9y ago In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to …
CVE-2017-12883 critical 9.1 9.1 FIX arch arch slesdebian debian perl 9y ago Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of se…
CVE-2017-14532 critical 9.8 9.8 FIX debian debianubuntu ubuntu imagemagick 9y ago ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.
CVE-2017-13725 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
CVE-2017-13690 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
CVE-2017-13689 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().
CVE-2017-13688 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().
CVE-2017-13687 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
CVE-2017-13055 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().
CVE-2017-13054 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().
CVE-2017-13053 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().
CVE-2017-13052 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print().
CVE-2017-13051 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
CVE-2017-13050 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().
CVE-2017-13049 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().
CVE-2017-13048 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
CVE-2017-13047 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
CVE-2017-13046 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
CVE-2017-13045 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().
CVE-2017-13044 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().
CVE-2017-13043 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().
CVE-2017-13042 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print().
CVE-2017-13041 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().
CVE-2017-13040 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.
CVE-2017-13039 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
CVE-2017-13038 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().
CVE-2017-13037 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts().
CVE-2017-13036 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().
CVE-2017-13035 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().
CVE-2017-13034 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
CVE-2017-13033 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
CVE-2017-13032 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().
CVE-2017-13031 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().
CVE-2017-13030 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.
CVE-2017-13029 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().
CVE-2017-13028 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().
CVE-2017-13027 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().
CVE-2017-13026 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions.
CVE-2017-13025 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
CVE-2017-13024 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
CVE-2017-13023 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
CVE-2017-13022 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().
CVE-2017-13021 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().
CVE-2017-13020 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
CVE-2017-13019 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
CVE-2017-13018 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
CVE-2017-13017 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().
CVE-2017-13016 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
CVE-2017-13015 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print().
CVE-2017-13014 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions.
CVE-2017-13013 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.
CVE-2017-13012 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
CVE-2017-13011 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago Several protocol parsers in tcpdump before 4.9.2 could cause a buffer overflow in util-print.c:bittok2str_internal().
CVE-2017-13010 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().
CVE-2017-13009 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print().
CVE-2017-13008 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
CVE-2017-13007 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print().
CVE-2017-13006 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.
CVE-2017-13005 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().
CVE-2017-13004 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().
CVE-2017-13003 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print().
CVE-2017-13002 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().
CVE-2017-13001 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().
CVE-2017-13000 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().
CVE-2017-12999 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().
CVE-2017-12998 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_extd_ip_reach().
CVE-2017-12997 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print().
CVE-2017-12996 critical 9.8 9.8 FIX arch arch slesdebian debian tcpdump 9y ago The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().