CWE:
 

Topic
Date
Author
High
VX Search 10.2.14 Proxy Buffer Overflow (SEH)
18.11.2017
wetw0rk
Med.
tic (GNU ncurses 6.0 library) Stack-based Buffer Overflow
18.11.2017
Hosein Askari
High
Vivotek IP Cameras Remote Stack Overflow
16.11.2017
bashis
High
Xlight FTP Server 3.8.8.5 Buffer Overflow
15.11.2017
bzyo
High
PHP 7.1.8 Heap-Based Buffer Overflow
15.11.2017
Wei Lei
High
Dup Scout Enterprise 10.0.18 Login Buffer Overflow
15.11.2017
sickness
High
Geutebrueck GCore GCoreServer.exe Buffer Overflow
09.11.2017
Maurice Popp
Med.
CoolPlayer+ Portable 2.19.6 Stack Overflow
07.11.2017
1N3@CrowdShield
High
Ipswitch WS_FTP Professional < 12.6.0.3 Local Buffer Overflow (SEH)
06.11.2017
Kevin McGuigan
High
SMPlayer 17.11.0 .m3u Buffer Overflow
06.11.2017
bzyo
High
GraphicsMagick Memory Disclosure / Heap Overflow
03.11.2017
Multiple
High
Tizen Studio 1.3 Smart Development Bridge <2.3.2 Buffer Overflow (PoC)
28.10.2017
Marcin Kopec
High
Easy MPEG/AVI/DIVX/WMV/RM To DVD Buffer Overflow
25.10.2017
Venkat Rajgor
High
binutils 2.29.51.20170921 read_1_byte Heap-Based Buffer Overflow
12.10.2017
Agostino Sarubbo
High
VX Search Enterprise 10.1.12 Buffer Overflow
11.10.2017
Revnic Vasile
Med.
ASX To MP3 Converter Stack Overflow
11.10.2017
Nitesh Shilpkar
High
PyroBatchFTP 3.17 Buffer Overflow
09.10.2017
Kevin McGuigan
High
DiskBoss Enterprise 8.4.16 Local Buffer Overflow
05.10.2017
C4t0ps1s
High
Oracle 9i XDB 9.2.0.1 HTTP PASS Buffer Overflow
26.09.2017
Charles Dardaman
High
Broadcom 802.11v WNM Sleep Mode Response Heap Overflow
26.09.2017
laginimaineb
High
CyberLink LabelPrint < 2.5 Buffer Overflow
25.09.2017
f3ci
High
Apple assembleBGScanResults Heap Overflow
24.09.2017
laginimaineb
High
Apple updateRateSetAsyncCallback Heap Overflow
24.09.2017
laginimaineb
High
Apple AppleBCMWLANCore Driver Heap Overflow
24.09.2017
laginimaineb
High
Apple setVendorIE Heap Overflow / Information Disclosure
24.09.2017
laginimaineb
High
Mongoose Embedded Web Server Library 6.8 Buffer Overflow
23.09.2017
Dobin Rutishauser
Med.
Linux Kernel <= 4.13.1 BlueTooth Buffer Overflow (PoC)
22.09.2017
Marcin Kozlowski
High
Disk Pulse Enterprise 9.9.16 GET Buffer Overflow
21.09.2017
Chance
High
Dameware Mini Remote Control 4.0 Username Stack Buffer Overflow
15.09.2017
james fitts
High
Disk Pulse Server 2.2.34 Buffer Overflow
15.09.2017
james fitts
High
VIPA Automation WinPLC7 5.0.45.5921 Buffer Overflow
15.09.2017
james fitts
High
KingScada AlarmServer 3.1.2.13 Buffer Overflow
15.09.2017
james fitts
Med.
PlugX Controller Stack Overflow
07.09.2017
Professor Plum
High
Gh0st Client Buffer Overflow
07.09.2017
Professor Plum
High
Dup Scout Enterprise 9.9.14 Input Directory Local Buffer Overflow
05.09.2017
Touhid M.Shaikh
High
OpenJPEG 'mqc.c' Heap-Based Buffer Overflow
02.09.2017
Ke Liu
High
Dup Scout Enterprise 9.9.14 Buffer Overflow
29.08.2017
Anurag Srivastava
High
VX Search Enterprise 10.0.14 Buffer Overflow
29.08.2017
Anurag Srivastava
High
DiskBoss Enterprise 8.3.12 Buffer Overflow
29.08.2017
Anurag Srivastava
High
Disk Savvy Enterprise 9.9.14 Buffer Overflow
29.08.2017
Nipun Jaswal & Anurag ...
High
Easy Video to iPod/MP4/PSP/3GP Converter 1.5.20 Buffer Overflow
25.08.2017
Anurag Srivastava
High
My Video Converter 1.5.24 Buffer Overflow
25.08.2017
Anurag Srivastava
High
Easy AVI DivX Converter 1.2.24 Buffer Overflow
25.08.2017
Anurag Srivastava
High
MP3 WAV to CD Burner 1.4.24 Buffer Overflow
25.08.2017
Anurag Srivastava
High
Sync Breeze Enterprise 9.9.16 Buffer Overflow
22.08.2017
Anurag Srivastava
High
Disk Pulse Enterprise 9.9.16 Buffer Overflow
22.08.2017
Anurag Srivastava
High
Disk Sorter Enterprise 9.9.12 Buffer Overflow
22.08.2017
Anurag Srivastava
High
MyDoomScanner 1.00 Local Buffer Overflow
21.08.2017
Anurag Srivastava
High
MessengerScan 1.05 Local Buffer Overflow
19.08.2017
Anurag Srivastava
High
DSScan 1.0 - Local Buffer Overflow
19.08.2017
Anurag Srivastava
High
Internet Download Manager 6.28 Build 17 Buffer Overflow (SEH Unicode)
16.08.2017
f3ci
High
ALLPlayer 7.4 Buffer Overflow (SEH Unicode)
16.08.2017
f3ci
High
DiskBoss Enterprise 8.2.14 Buffer Overflow
31.07.2017
Ahmad Mahfouz
High
GNU libiberty Buffer Overflow
29.07.2017
Marcel Böhme
High
AudioCoder 0.8.46 Local Buffer Overflow
28.07.2017
Muhann4d
High
WebKit WebCore::RenderSearchField::addSearchResult Heap Buffer Overflow
26.07.2017
ifratric
High
MAWK 1.3.3-17 Buffer Overflow
25.07.2017
Juan Sacco
High
Easy Chat Server User Registeration Buffer Overflow
22.07.2017
Marco
High
FTPGetter 5.89.0.85 Buffer Overflow
16.07.2017
Paul Purcell
High
Virtuozzo Power Panel (VZPP) 6.1.2 Buffer Over-Read
07.07.2017
Sipke Mellema
High
Digital Canal Structural Wind Analysis 9.1 Buffer Overflow
02.07.2017
Karn Ganeshen
Med.
LG MRA58K - 'ASFParser::SetMetaData' Stack Overflow
01.07.2017
Google Security Resear...
High
Flat Assembler 1.7.21 - Buffer Overflow
29.06.2017
Juan Sacco
High
FASM 1.7.21 Buffer Overflow
28.06.2017
Juan Sacco
High
IBM DB2 9.7 / 10.1 / 10.5 / 11.1 Command Line Processor Buffer Overflow
27.06.2017
Leon Juranic
High
Microsoft Skype 7.2 / 7.35 / 7.36 Buffer Overflow
26.06.2017
Vulnerability Lab
High
JAD 1.5.8e-1kali1 Buffer Overflow
26.06.2017
Juan Sacco
High
Easy File Sharing HTTP Server 7.2 POST Buffer Overflow
25.06.2017
Marco Rivoli
High
GNU binutils 'decode_pseudodbg_assert_0' Buffer Overflow
20.06.2017
Alexandre Adamski
High
GNU binutils 'disassemble_bytes' Heap Overflow
20.06.2017
Alexandre Adamski
High
GNU binutils 'bfd_get_string' Stack Buffer Overflow
20.06.2017
Alexandre Adamski
High
GNU binutils 'rx_decode_opcode' Buffer Overflow
20.06.2017
Alexandre Adamski
High
GNU binutils 'ieee_object_p' Stack Buffer Overflow
20.06.2017
Alexandre Adamski
Med.
netmask stack-based buffer overflow
20.06.2017
Hosein Askari
High
WebKit JSC Intl.getCanonicalLocales Heap Buffer Overflow
16.06.2017
lokihardt
High
VX Search Enterprise 9.7.18 - Local Buffer Overflow
16.06.2017
Greg Priest
High
Easy MOV Converter 1.4.24 Buffer Overflow
15.06.2017
abatchy17
High
Mapscrn 2.0.3 Buffer Overflow
13.06.2017
Exploit Pack
High
DNSTracer Stack-based Buffer Overflow
05.06.2017
Hosein Askari
High
reiserfstune 3.6.25 Buffer Overflow
03.06.2017
Nassim
High
TiEmu 2.08 Buffer Overflow
31.05.2017
Juan Sacco
High
Skia Graphics Library Heap Overflow
27.05.2017
ifratric
High
Dup Scout Enterprise 9.7.18 - '.xml' Local Buffer Overflow
25.05.2017
Greg Priest
High
HTTrack 3.x Stack Buffer Overflow
24.05.2017
Vulnerability Lab
High
VX Search Enterprise GET Buffer Overflow
23.05.2017
Daniel Teixeira
High
Sure Thing Disc Labeler 6.2.138.0 Buffer Overflow
23.05.2017
Chance Johnson
High
Sync Breeze Enterprise GET Buffer Overflow
23.05.2017
Daniel Teixeira
High
Asterisk 14.4.0 PJSIP 2.6 Heap Overflow
23.05.2017
Alfred and Sandro
High
Belden GarrettCom 6K / 10KT Bypass / Disclosure / Buffer Overflow
20.05.2017
Andrew and David
High
Dup Scout Enterprise 9.5.14 Buffer Overflow
17.05.2017
Daniel Teixeira
High
LabF nfsAxe FTP Client 3.7 Buffer Overflow
17.05.2017
Tulpa
High
EnCase Forensic Imager 7.10 Buffer Overflow
14.05.2017
W. Ettlinger
High
Quest Privilege Manager pmmasterd Buffer Overflow
14.05.2017
m0t
High
Gemalto SmartDiag Diagnosis Tool 2.5 Buffer Overflow
09.05.2017
Majid Alqabandi
High
HTTrack Local Stack Buffer Overflow
08.05.2017
Hosein Askari
High
PrivateTunnel Client 2.8 - Local Buffer Overflow
26.04.2017
Muhann4d
High
Disk Sorter Enterprise 9.5.12 GET Buffer Overflow
25.04.2017
Daniel Teixeira
High
VLC Media Player 2.2.3 DecodeAdpcmImaQ Buffer Overflow
19.04.2017
Sultan albalawi
High
Dmitry(Deepmagic Information Gathering Tool) Local Stack Buffer Overflow
19.04.2017
Hosein Askari (FarazPa...
High
libsndfile flac_buffer_copy buffer overflow
16.04.2017
Agostino Sarubbo


CVEMAP Search Results

CVE
Details
Description
2017-11-05
Medium
CVE-2017-16546

Vendor: Imagemagick
Software: Imagemagick
 

 
The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file.

 
2017-11-03
Medium
CVE-2017-16526

Vendor: Linux
Software: Linux kernel
 

 
drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device.

 
Medium
CVE-2017-16531

Vendor: Linux
Software: Linux kernel
 

 
drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to the USB_DT_INTERFACE_ASSOCIATION descriptor.

 
Medium
CVE-2017-16534

Vendor: Linux
Software: Linux kernel
 

 
The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.

 
2017-11-01
Medium
CVE-2017-16352

Vendor: Graphicsmagick
Software: Graphicsmagick
 

 
GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted MIFF format file with the verbose flag.

 
Medium
CVE-2017-16357

Vendor: Radare
Software: Radare2
 

 
In radare 2.0.1, a memory corruption vulnerability exists in store_versioninfo_gnu_verdef() and store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c, as demonstrated by an invalid free. This error is due to improper sh_size validation when allocating memory.

 
2017-10-30
Medium
CVE-2015-3249

Vendor: Apache
Software: Traffic server
 

 
The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2) set_dynamic_table_size function.

 
2017-10-29
Medium
CVE-2017-15996

Vendor: GNU
Software: Binutils
 

 
elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper conditional jump, and the get_archive_member_name, process_archive_index_and_symbols, and setup_archive functions.

 
2017-10-28
Low
CVE-2017-15953

Vendor: Bchunk project
Software: Bchunk
 

 
bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow and crash when processing a malformed CUE (.cue) file.

 
Low
CVE-2017-15954

Vendor: Bchunk project
Software: Bchunk
 

 
bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow (with a resultant invalid free) and crash when processing a malformed CUE (.cue) file.

 

 


Copyright 2017, cxsecurity.com

 

Back to Top