Export limit exceeded: 345788 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345788 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345788 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-18260 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2024-11-21 | N/A |
| Dolibarr ERP/CRM is affected by multiple SQL injection vulnerabilities in versions through 7.0.0 via comm/propal/list.php (viewstatut parameter) or comm/propal/list.php (propal_statut parameter, aka search_statut parameter). | ||||
| CVE-2017-18259 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2024-11-21 | N/A |
| Dolibarr ERP/CRM is affected by stored Cross-Site Scripting (XSS) in versions through 7.0.0. | ||||
| CVE-2017-18258 | 2 Redhat, Xmlsoft | 4 Ansible Tower, Enterprise Linux, Jboss Core Services and 1 more | 2024-11-21 | N/A |
| The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file. | ||||
| CVE-2017-18257 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | N/A |
| The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl. | ||||
| CVE-2017-18256 | 1 Brave | 1 Brave Browser | 2024-11-21 | N/A |
| Brave Browser before 0.13.0 allows remote attackers to cause a denial of service (resource consumption) via a long alert() argument in JavaScript code, because window dialogs are mishandled. | ||||
| CVE-2017-18255 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
| The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by an incorrect sample-rate calculation. | ||||
| CVE-2017-18254 | 3 Canonical, Imagemagick, Redhat | 3 Ubuntu Linux, Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file. | ||||
| CVE-2017-18253 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | N/A |
| An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LoadOpenCLDevices in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file. | ||||
| CVE-2017-18252 | 3 Canonical, Imagemagick, Redhat | 3 Ubuntu Linux, Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file. | ||||
| CVE-2017-18251 | 3 Canonical, Imagemagick, Redhat | 3 Ubuntu Linux, Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file. | ||||
| CVE-2017-18250 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | N/A |
| An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFailure in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file. | ||||
| CVE-2017-18249 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | N/A |
| The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads. | ||||
| CVE-2017-18248 | 1 Apple | 1 Cups | 2024-11-21 | N/A |
| The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification. | ||||
| CVE-2017-18247 | 1 Libav | 1 Libav | 2024-11-21 | N/A |
| The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted media file. | ||||
| CVE-2017-18246 | 1 Libav | 1 Libav | 2024-11-21 | N/A |
| The pcm_encode_frame function in libavcodec/pcm.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted media file. | ||||
| CVE-2017-18245 | 1 Libav | 1 Libav | 2024-11-21 | N/A |
| The mpc8_probe function in libavformat/mpc8.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted audio file. | ||||
| CVE-2017-18244 | 1 Libav | 1 Libav | 2024-11-21 | N/A |
| The stereo_processing function in libavcodec/aacps.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file, related to ff_ps_apply. | ||||
| CVE-2017-18243 | 1 Libav | 1 Libav | 2024-11-21 | N/A |
| The unpack_parse_unit function in libavcodec/dirac_parser.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault) via a crafted file. | ||||
| CVE-2017-18242 | 1 Libav | 1 Libav | 2024-11-21 | N/A |
| The apply_dependent_coupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file. | ||||
| CVE-2017-18241 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | N/A |
| fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure. | ||||