Export limit exceeded: 84175 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (84175 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-3200 | 1 Graniteds | 1 Graniteds | 2024-11-21 | 8.1 High |
| The Java implementation of AMF3 deserializers used in GraniteDS, version 3.1.1.G, may allow instantiation of arbitrary classes via their public parameter-less constructor and subsequently call arbitrary Java Beans setter methods. The ability to exploit this vulnerability depends on the availability of classes in the class path that make use of deserialization. A remote attacker with the ability to spoof or control information may be able to send serialized Java objects with pre-set properties that result in arbitrary code execution when deserialized. | ||||
| CVE-2017-3199 | 1 Graniteds | 1 Graniteds | 2024-11-21 | 8.1 High |
| The Java implementation of GraniteDS, version 3.1.1.GA, AMF3 deserializers derives class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized. | ||||
| CVE-2017-3145 | 5 Debian, Isc, Juniper and 2 more | 43 Debian Linux, Bind, Junos and 40 more | 2024-11-21 | 7.5 High |
| BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1. | ||||
| CVE-2017-3144 | 4 Canonical, Debian, Isc and 1 more | 10 Ubuntu Linux, Debian Linux, Dhcp and 7 more | 2024-11-21 | 7.5 High |
| A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested. | ||||
| CVE-2017-3139 | 1 Redhat | 8 Enterprise Linux, Enterprise Linux Server Aus, Enterprise Linux Server Eus and 5 more | 2024-11-21 | 7.5 High |
| A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. | ||||
| CVE-2017-2924 | 2 Debian, Freexl Project | 2 Debian Linux, Freexl | 2024-11-21 | 8.8 High |
| An exploitable heap-based buffer overflow vulnerability exists in the read_legacy_biff function of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. | ||||
| CVE-2017-2923 | 2 Debian, Freexl Project | 2 Debian Linux, Freexl | 2024-11-21 | 8.8 High |
| An exploitable heap based buffer overflow vulnerability exists in the 'read_biff_next_record function' of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. | ||||
| CVE-2017-2918 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 7.8 High |
| An exploitable integer overflow exists in the Image loading functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use it as a library in order to trigger this vulnerability. | ||||
| CVE-2017-2910 | 1 Libxls Project | 1 Libxls | 2024-11-21 | 8.8 High |
| An exploitable Out-of-bounds Write vulnerability exists in the xls_addCell function of libxls 2.0. A specially crafted xls file can cause a memory corruption resulting in remote code execution. An attacker can send malicious xls file to trigger this vulnerability. | ||||
| CVE-2017-2908 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 7.8 High |
| An exploitable integer overflow exists in the thumbnail functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to render the thumbnail for the file while in the File->Open dialog. | ||||
| CVE-2017-2907 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 7.8 High |
| An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c. A specially created '.avi' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset in order to trigger this vulnerability. | ||||
| CVE-2017-2906 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 7.8 High |
| An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c. A specially created '.avi' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset in order to trigger this vulnerability. | ||||
| CVE-2017-2905 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 7.8 High |
| An exploitable integer overflow exists in the bmp loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.bmp' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | ||||
| CVE-2017-2904 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 7.8 High |
| An exploitable integer overflow exists in the RADIANCE loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.hdr' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | ||||
| CVE-2017-2903 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 7.8 High |
| An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.cin' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | ||||
| CVE-2017-2902 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 7.8 High |
| An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.cin' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | ||||
| CVE-2017-2901 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 7.8 High |
| An exploitable integer overflow exists in the IRIS loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.iris' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | ||||
| CVE-2017-2900 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 7.8 High |
| An exploitable integer overflow exists in the PNG loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.png' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | ||||
| CVE-2017-2899 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 7.8 High |
| An exploitable integer overflow exists in the TIFF loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.tif' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | ||||
| CVE-2017-2878 | 1 Foscam | 2 C1, C1 Firmware | 2024-11-21 | 7.5 High |
| An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply send an HTTP request to the device to trigger this vulnerability. | ||||