Export limit exceeded: 363089 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (45916 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-12894 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-12-04 9.8 Critical
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().
CVE-2017-12893 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-12-04 9.8 Critical
The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().
CVE-2022-50307 1 Linux 1 Linux Kernel 2025-12-04 7.1 High
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cio_ignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cio_ignore list using a command such as: echo free >/proc/cio_ignore Since an I/O device scan might interfer with running I/Os, commit 172da89ed0ea ("s390/cio: avoid excessive path-verification requests") introduced an optimization to exclude online devices from the scan. The newly added check for online devices incorrectly assumes that an I/O-subchannel's drvdata points to a struct io_subchannel_private. For devices that are bound to a non-default I/O subchannel driver, such as the vfio_ccw driver, this results in an out-of-bounds read access during each scan. Fix this by changing the scan logic to rely on a driver-independent online indication. For this we can use struct subchannel->config.ena, which is the driver's requested subchannel-enabled state. Since I/Os can only be started on enabled subchannels, this matches the intent of the original optimization of not scanning devices where I/O might be running.
CVE-2017-13689 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-12-04 9.8 Critical
The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().
CVE-2017-13688 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-12-04 9.8 Critical
The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().
CVE-2017-13687 3 Debian, Redhat, Tcpdump 3 Debian Linux, Enterprise Linux, Tcpdump 2025-12-04 9.8 Critical
The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
CVE-2017-13055 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-12-04 9.8 Critical
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().
CVE-2017-13054 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-12-04 9.8 Critical
The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().
CVE-2017-13053 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-12-04 9.8 Critical
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().
CVE-2017-13050 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-12-04 9.8 Critical
The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().
CVE-2017-13048 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-12-04 9.8 Critical
The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
CVE-2017-13047 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-12-04 9.8 Critical
The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
CVE-2017-13045 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-12-04 9.8 Critical
The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().
CVE-2017-13041 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-12-04 9.8 Critical
The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().
CVE-2017-13040 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-12-04 9.8 Critical
The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.
CVE-2017-13038 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-12-04 9.8 Critical
The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().
CVE-2022-50330 1 Linux 1 Linux Kernel 2025-12-04 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: crypto: cavium - prevent integer overflow loading firmware The "code_length" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we try to limit the damage as much as possible. Also Smatch marks any data read from the filesystem as untrusted and prints warnings if it not capped correctly. The "ntohl(ucode->code_length) * 2" multiplication can have an integer overflow.
CVE-2017-5130 4 Debian, Google, Redhat and 1 more 4 Debian Linux, Chrome, Rhel Extras and 1 more 2025-12-03 8.8 High
An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.
CVE-2025-20759 1 Mediatek 47 Modem, Mt2735, Mt2737 and 44 more 2025-12-03 6.5 Medium
In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673760; Issue ID: MSV-4650.
CVE-2018-14882 7 Apple, Debian, F5 and 4 more 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more 2025-12-03 9.8 Critical
The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.