CWE:
 

Topic
Date
Author
High
GNU C Library ld.so Memory Leak / Buffer Overflow
13.12.2017
Qualys
High
Advantech WebAccess 8.2 Stack Buffer Overflow
13.12.2017
mr_me
High
Axis Communications MPQT/PACS Heap Overflow / Information Leakage
04.12.2017
bashis
High
QEMU NBD Server Long Export Name Stack Buffer Overflow
30.11.2017
Eric Blake
High
VX Search 10.2.14 Proxy Buffer Overflow (SEH)
18.11.2017
wetw0rk
Med.
tic (GNU ncurses 6.0 library) Stack-based Buffer Overflow
18.11.2017
Hosein Askari
High
Vivotek IP Cameras Remote Stack Overflow
16.11.2017
bashis
High
Xlight FTP Server 3.8.8.5 Buffer Overflow
15.11.2017
bzyo
High
PHP 7.1.8 Heap-Based Buffer Overflow
15.11.2017
Wei Lei
High
Dup Scout Enterprise 10.0.18 Login Buffer Overflow
15.11.2017
sickness
High
Geutebrueck GCore GCoreServer.exe Buffer Overflow
09.11.2017
Maurice Popp
Med.
CoolPlayer+ Portable 2.19.6 Stack Overflow
07.11.2017
1N3@CrowdShield
High
Ipswitch WS_FTP Professional < 12.6.0.3 Local Buffer Overflow (SEH)
06.11.2017
Kevin McGuigan
High
SMPlayer 17.11.0 .m3u Buffer Overflow
06.11.2017
bzyo
High
GraphicsMagick Memory Disclosure / Heap Overflow
03.11.2017
Multiple
High
Tizen Studio 1.3 Smart Development Bridge <2.3.2 Buffer Overflow (PoC)
28.10.2017
Marcin Kopec
High
Easy MPEG/AVI/DIVX/WMV/RM To DVD Buffer Overflow
25.10.2017
Venkat Rajgor
High
binutils 2.29.51.20170921 read_1_byte Heap-Based Buffer Overflow
12.10.2017
Agostino Sarubbo
High
VX Search Enterprise 10.1.12 Buffer Overflow
11.10.2017
Revnic Vasile
Med.
ASX To MP3 Converter Stack Overflow
11.10.2017
Nitesh Shilpkar
High
PyroBatchFTP 3.17 Buffer Overflow
09.10.2017
Kevin McGuigan
High
DiskBoss Enterprise 8.4.16 Local Buffer Overflow
05.10.2017
C4t0ps1s
High
Oracle 9i XDB 9.2.0.1 HTTP PASS Buffer Overflow
26.09.2017
Charles Dardaman
High
Broadcom 802.11v WNM Sleep Mode Response Heap Overflow
26.09.2017
laginimaineb
High
CyberLink LabelPrint < 2.5 Buffer Overflow
25.09.2017
f3ci
High
Apple assembleBGScanResults Heap Overflow
24.09.2017
laginimaineb
High
Apple updateRateSetAsyncCallback Heap Overflow
24.09.2017
laginimaineb
High
Apple AppleBCMWLANCore Driver Heap Overflow
24.09.2017
laginimaineb
High
Apple setVendorIE Heap Overflow / Information Disclosure
24.09.2017
laginimaineb
High
Mongoose Embedded Web Server Library 6.8 Buffer Overflow
23.09.2017
Dobin Rutishauser
Med.
Linux Kernel <= 4.13.1 BlueTooth Buffer Overflow (PoC)
22.09.2017
Marcin Kozlowski
High
Disk Pulse Enterprise 9.9.16 GET Buffer Overflow
21.09.2017
Chance
High
Dameware Mini Remote Control 4.0 Username Stack Buffer Overflow
15.09.2017
james fitts
High
Disk Pulse Server 2.2.34 Buffer Overflow
15.09.2017
james fitts
High
VIPA Automation WinPLC7 5.0.45.5921 Buffer Overflow
15.09.2017
james fitts
High
KingScada AlarmServer 3.1.2.13 Buffer Overflow
15.09.2017
james fitts
Med.
PlugX Controller Stack Overflow
07.09.2017
Professor Plum
High
Gh0st Client Buffer Overflow
07.09.2017
Professor Plum
High
Dup Scout Enterprise 9.9.14 Input Directory Local Buffer Overflow
05.09.2017
Touhid M.Shaikh
High
OpenJPEG 'mqc.c' Heap-Based Buffer Overflow
02.09.2017
Ke Liu
High
Dup Scout Enterprise 9.9.14 Buffer Overflow
29.08.2017
Anurag Srivastava
High
VX Search Enterprise 10.0.14 Buffer Overflow
29.08.2017
Anurag Srivastava
High
DiskBoss Enterprise 8.3.12 Buffer Overflow
29.08.2017
Anurag Srivastava
High
Disk Savvy Enterprise 9.9.14 Buffer Overflow
29.08.2017
Nipun Jaswal & Anurag ...
High
Easy Video to iPod/MP4/PSP/3GP Converter 1.5.20 Buffer Overflow
25.08.2017
Anurag Srivastava
High
My Video Converter 1.5.24 Buffer Overflow
25.08.2017
Anurag Srivastava
High
Easy AVI DivX Converter 1.2.24 Buffer Overflow
25.08.2017
Anurag Srivastava
High
MP3 WAV to CD Burner 1.4.24 Buffer Overflow
25.08.2017
Anurag Srivastava
High
Sync Breeze Enterprise 9.9.16 Buffer Overflow
22.08.2017
Anurag Srivastava
High
Disk Pulse Enterprise 9.9.16 Buffer Overflow
22.08.2017
Anurag Srivastava
High
Disk Sorter Enterprise 9.9.12 Buffer Overflow
22.08.2017
Anurag Srivastava
High
MyDoomScanner 1.00 Local Buffer Overflow
21.08.2017
Anurag Srivastava
High
MessengerScan 1.05 Local Buffer Overflow
19.08.2017
Anurag Srivastava
High
DSScan 1.0 - Local Buffer Overflow
19.08.2017
Anurag Srivastava
High
Internet Download Manager 6.28 Build 17 Buffer Overflow (SEH Unicode)
16.08.2017
f3ci
High
ALLPlayer 7.4 Buffer Overflow (SEH Unicode)
16.08.2017
f3ci
High
DiskBoss Enterprise 8.2.14 Buffer Overflow
31.07.2017
Ahmad Mahfouz
High
GNU libiberty Buffer Overflow
29.07.2017
Marcel Böhme
High
AudioCoder 0.8.46 Local Buffer Overflow
28.07.2017
Muhann4d
High
WebKit WebCore::RenderSearchField::addSearchResult Heap Buffer Overflow
26.07.2017
ifratric
High
MAWK 1.3.3-17 Buffer Overflow
25.07.2017
Juan Sacco
High
Easy Chat Server User Registeration Buffer Overflow
22.07.2017
Marco
High
FTPGetter 5.89.0.85 Buffer Overflow
16.07.2017
Paul Purcell
High
Virtuozzo Power Panel (VZPP) 6.1.2 Buffer Over-Read
07.07.2017
Sipke Mellema
High
Digital Canal Structural Wind Analysis 9.1 Buffer Overflow
02.07.2017
Karn Ganeshen
Med.
LG MRA58K - 'ASFParser::SetMetaData' Stack Overflow
01.07.2017
Google Security Resear...
High
Flat Assembler 1.7.21 - Buffer Overflow
29.06.2017
Juan Sacco
High
FASM 1.7.21 Buffer Overflow
28.06.2017
Juan Sacco
High
IBM DB2 9.7 / 10.1 / 10.5 / 11.1 Command Line Processor Buffer Overflow
27.06.2017
Leon Juranic
High
Microsoft Skype 7.2 / 7.35 / 7.36 Buffer Overflow
26.06.2017
Vulnerability Lab
High
JAD 1.5.8e-1kali1 Buffer Overflow
26.06.2017
Juan Sacco
High
Easy File Sharing HTTP Server 7.2 POST Buffer Overflow
25.06.2017
Marco Rivoli
High
GNU binutils 'decode_pseudodbg_assert_0' Buffer Overflow
20.06.2017
Alexandre Adamski
High
GNU binutils 'disassemble_bytes' Heap Overflow
20.06.2017
Alexandre Adamski
High
GNU binutils 'bfd_get_string' Stack Buffer Overflow
20.06.2017
Alexandre Adamski
High
GNU binutils 'rx_decode_opcode' Buffer Overflow
20.06.2017
Alexandre Adamski
High
GNU binutils 'ieee_object_p' Stack Buffer Overflow
20.06.2017
Alexandre Adamski
Med.
netmask stack-based buffer overflow
20.06.2017
Hosein Askari
High
WebKit JSC Intl.getCanonicalLocales Heap Buffer Overflow
16.06.2017
lokihardt
High
VX Search Enterprise 9.7.18 - Local Buffer Overflow
16.06.2017
Greg Priest
High
Easy MOV Converter 1.4.24 Buffer Overflow
15.06.2017
abatchy17
High
Mapscrn 2.0.3 Buffer Overflow
13.06.2017
Exploit Pack
High
DNSTracer Stack-based Buffer Overflow
05.06.2017
Hosein Askari
High
reiserfstune 3.6.25 Buffer Overflow
03.06.2017
Nassim
High
TiEmu 2.08 Buffer Overflow
31.05.2017
Juan Sacco
High
Skia Graphics Library Heap Overflow
27.05.2017
ifratric
High
Dup Scout Enterprise 9.7.18 - '.xml' Local Buffer Overflow
25.05.2017
Greg Priest
High
HTTrack 3.x Stack Buffer Overflow
24.05.2017
Vulnerability Lab
High
VX Search Enterprise GET Buffer Overflow
23.05.2017
Daniel Teixeira
High
Sure Thing Disc Labeler 6.2.138.0 Buffer Overflow
23.05.2017
Chance Johnson
High
Sync Breeze Enterprise GET Buffer Overflow
23.05.2017
Daniel Teixeira
High
Asterisk 14.4.0 PJSIP 2.6 Heap Overflow
23.05.2017
Alfred and Sandro
High
Belden GarrettCom 6K / 10KT Bypass / Disclosure / Buffer Overflow
20.05.2017
Andrew and David
High
Dup Scout Enterprise 9.5.14 Buffer Overflow
17.05.2017
Daniel Teixeira
High
LabF nfsAxe FTP Client 3.7 Buffer Overflow
17.05.2017
Tulpa
High
EnCase Forensic Imager 7.10 Buffer Overflow
14.05.2017
W. Ettlinger
High
Quest Privilege Manager pmmasterd Buffer Overflow
14.05.2017
m0t
High
Gemalto SmartDiag Diagnosis Tool 2.5 Buffer Overflow
09.05.2017
Majid Alqabandi
High
HTTrack Local Stack Buffer Overflow
08.05.2017
Hosein Askari
High
PrivateTunnel Client 2.8 - Local Buffer Overflow
26.04.2017
Muhann4d


CVEMAP Search Results

CVE
Details
Description
2017-12-09
Medium
CVE-2017-11303

Vendor: Adobe
Software: Photoshop
 

 
An issue was discovered in Adobe Photoshop 18.1.1 (2017.1.1) and earlier versions. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution.

 
High
CVE-2017-16363

Vendor: Adobe
Software: Acrobat
 

 
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer over-read in the module that handles character codes for certain textual representations. Invalid input leads to a computation where the pointer arithmetic results in a location outside valid memory locations belonging to the buffer. An attack can be used to obtain sensitive information, such as object heap addresses, etc.

 
High
CVE-2017-16364

Vendor: Adobe
Software: Acrobat
 

 
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to an untrusted pointer dereference when handling number format dictionary entries. In this scenario, the input is crafted in way that the computation results in pointers to memory locations that do not belong to the relevant process address space. The dereferencing operation is a read operation, and an attack can result in sensitive data exposure.

 
High
CVE-2017-16365

Vendor: Adobe
Software: Acrobat
 

 
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer over-read in the True Type2 Font parsing module. A corrupted cmap table input leads to a computation where the pointer arithmetic results in a location outside valid memory locations belonging to the buffer. An attack can be used to obtain sensitive information, such as object heap addresses, etc.

 
High
CVE-2017-16368

Vendor: Adobe
Software: Acrobat
 

 
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability leads to a stack-based buffer overflow condition in the internal Unicode string manipulation module. It is triggered by an invalid PDF file, where a crafted Unicode string causes an out of bounds memory access of a stack allocated buffer, due to improper checks when manipulating an offset of a pointer to the buffer. Attackers can exploit the vulnerability and achieve arbitrary code execution if they can effectively control the accessible memory.

 
High
CVE-2017-16371

Vendor: Adobe
Software: Acrobat
 

 
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to an untrusted pointer dereference in the JavaScript engine. In this scenario, the input is crafted in a way that the computation results in pointers to memory locations that do not belong to the relevant process address space. The dereferencing operation is a read operation, and an attack can result in sensitive data exposure.

 
High
CVE-2017-16372

Vendor: Adobe
Software: Acrobat
 

 
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to untrusted pointer dereference in the JavaScript API engine. In this scenario, the JavaScript input is crafted in way that the computation results with pointer to memory locations that do not belong to the relevant process address space. The dereferencing operation is a read operation, and an attack can result with sensitive data exposure.

 
High
CVE-2017-16373

Vendor: Adobe
Software: Acrobat
 

 
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to an untrusted pointer dereference. In this scenario, the input is crafted in way that the computation results in pointers to memory locations that do not belong to the relevant process address space. The dereferencing operation is a read operation, and an attack can result in sensitive data exposure.

 
High
CVE-2017-16374

Vendor: Adobe
Software: Acrobat
 

 
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer over-read in the JPEG 2000 module. An invalid JPEG 2000 input code stream leads to a computation where the pointer arithmetic results in a location outside valid memory locations belonging to the buffer. An attack can be used to obtain sensitive information, such as object heap addresses, etc.

 
High
CVE-2017-16375

Vendor: Adobe
Software: Acrobat
 

 
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to an untrusted pointer dereference in the JavaSscript API engine. In this scenario, the JavaScript input is crafted in way that the computation results in pointers to memory locations that do not belong to the relevant process address space. The dereferencing operation is a read operation, and an attack can result in sensitive data exposure.

 

 


Copyright 2017, cxsecurity.com

 

Back to Top