Total
8950 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-11573 | 1 Fontforge | 1 Fontforge | 2025-04-20 | N/A |
| FontForge 20161012 is vulnerable to a buffer over-read in ValidatePostScriptFontName (parsettf.c) resulting in DoS or code execution via a crafted otf file. | ||||
| CVE-2017-9869 | 1 Lame Project | 1 Lame | 2025-04-20 | N/A |
| The II_step_one function in layer2.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file. | ||||
| CVE-2017-9847 | 1 Libtorrent | 1 Libtorrent | 2025-04-20 | N/A |
| The bdecode function in bdecode.cpp in libtorrent 1.1.3 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | ||||
| CVE-2017-9770 | 1 Razerzone | 1 Razer Synapse | 2025-04-20 | N/A |
| A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse that can cause an out of bounds read operation to occur due to a field within the IOCTL data being used as a length. | ||||
| CVE-2017-9728 | 1 Uclibc | 1 Uclibc | 2025-04-20 | N/A |
| In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp function in misc/regex/regexec.c when processing a crafted regular expression. | ||||
| CVE-2017-9717 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing Netlink attributes, a buffer overread can occur. | ||||
| CVE-2017-9474 | 1 Ytnef Project | 1 Ytnef | 2025-04-20 | N/A |
| In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | ||||
| CVE-2017-9471 | 2 Canonical, Ytnef Project | 2 Ubuntu Linux, Ytnef | 2025-04-20 | N/A |
| In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | ||||
| CVE-2017-9223 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2025-04-20 | N/A |
| The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file. | ||||
| CVE-2017-9221 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2025-04-20 | N/A |
| The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file. | ||||
| CVE-2017-9207 | 1 Entropymine | 1 Imageworsener | 2025-04-20 | N/A |
| The iw_get_ui16be function in imagew-util.c:422:24 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image, related to imagew-jpeg.c. | ||||
| CVE-2017-9206 | 1 Entropymine | 1 Imageworsener | 2025-04-20 | N/A |
| The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image, related to imagew-jpeg.c. | ||||
| CVE-2017-9205 | 1 Entropymine | 1 Imageworsener | 2025-04-20 | N/A |
| The iw_get_ui16be function in imagew-util.c:422:24 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image, related to imagew-jpeg.c. | ||||
| CVE-2017-9204 | 1 Entropymine | 1 Imageworsener | 2025-04-20 | N/A |
| The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image, related to imagew-jpeg.c. | ||||
| CVE-2017-9166 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | N/A |
| libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:18:11. | ||||
| CVE-2017-9123 | 1 Libquicktime | 1 Libquicktime | 2025-04-20 | N/A |
| The lqt_frame_duration function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file. | ||||
| CVE-2017-8455 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2025-04-20 | N/A |
| Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document. | ||||
| CVE-2017-8401 | 1 Swftools | 1 Swftools | 2025-04-20 | N/A |
| In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the function png_load() in lib/png.c:724. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS. | ||||
| CVE-2017-8374 | 1 Underbit | 1 Mad Libmad | 2025-04-20 | N/A |
| The mad_bit_skip function in bit.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file. | ||||
| CVE-2017-8362 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2025-04-20 | N/A |
| The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file. | ||||