Export limit exceeded: 15386 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (15386 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-11300 | 1 Adobe | 1 Digital Editions | 2025-04-20 | N/A |
| An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. An exploitable memory corruption vulnerability exists, which could lead to disclosure of memory addresses. | ||||
| CVE-2017-11301 | 1 Adobe | 1 Digital Editions | 2025-04-20 | N/A |
| An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. An exploitable memory corruption vulnerability exists, which could lead to disclosure of memory addresses. | ||||
| CVE-2017-11302 | 1 Adobe | 1 Indesign | 2025-04-20 | N/A |
| An issue was discovered in Adobe InDesign 12.1.0 and earlier versions. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2017-11303 | 1 Adobe | 1 Photoshop | 2025-04-20 | N/A |
| An issue was discovered in Adobe Photoshop 18.1.1 (2017.1.1) and earlier versions. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2017-11311 | 1 Openmpt | 2 Libopenmpt, Openmpt | 2025-04-20 | N/A |
| soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt before 0.2.8461-beta26 has a heap buffer overflow with the potential for arbitrary code execution via a crafted PSM File that triggers use of the same sample slot for two samples. | ||||
| CVE-2017-11323 | 1 Estsoft | 1 Alzip | 2025-04-20 | 7.8 High |
| Stack-based buffer overflow in ESTsoft ALZip 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted MS-DOS device file, as demonstrated by use of "AUX" as the initial substring of a filename. | ||||
| CVE-2017-11328 | 1 Virustotal | 1 Yara | 2025-04-20 | N/A |
| Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file. | ||||
| CVE-2017-11331 | 1 Xiph | 1 Vorbis-tools | 2025-04-20 | 5.5 Medium |
| The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file. | ||||
| CVE-2017-11339 | 1 Exiv2 | 1 Exiv2 | 2025-04-20 | N/A |
| There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack. | ||||
| CVE-2017-11340 | 1 Exiv2 | 1 Exiv2 | 2025-04-20 | N/A |
| There is a Segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call. A Crafted input will lead to a remote denial of service attack. | ||||
| CVE-2017-11344 | 1 Asuswrt-merlin Project | 56 Rt-ac1200, Rt-ac1200 Firmware, Rt-ac3100 and 53 more | 2025-04-20 | N/A |
| Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to write shellcode at any address in the heap; this can be used to execute arbitrary code on the router by hosting a crafted device description XML document at a URL specified within a Location header in an SSDP response. | ||||
| CVE-2017-11345 | 1 Asuswrt-merlin Project | 56 Rt-ac1200, Rt-ac1200 Firmware, Rt-ac3100 and 53 more | 2025-04-20 | N/A |
| Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by hosting a crafted device description XML document (that includes a serviceType element) at a URL specified within a Location header in an SSDP response. | ||||
| CVE-2017-11362 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2025-04-20 | N/A |
| In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ext/intl/msgformat/msgformat_parse.c does not restrict the locale length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact within International Components for Unicode (ICU) for C/C++ via a long first argument to the msgfmt_parse_message function. | ||||
| CVE-2017-11420 | 1 Asuswrt-merlin Project | 56 Rt-ac1200, Rt-ac1200 Firmware, Rt-ac3100 and 53 more | 2025-04-20 | N/A |
| Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list. | ||||
| CVE-2017-11465 | 1 Ruby-lang | 1 Ruby | 2025-04-20 | N/A |
| The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows attackers to cause a denial of service (invalid write or read) or possibly have unspecified other impact via a crafted Ruby script, related to the parser_tokadd_utf8 function in parse.y. NOTE: this might have security relevance as a bypass of a $SAFE protection mechanism. | ||||
| CVE-2017-11496 | 1 Gemalto | 1 Sentinel Ldk Rte | 2025-04-20 | N/A |
| Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via malformed ASN.1 streams in V2C and similar input files. | ||||
| CVE-2017-11497 | 1 Gemalto | 1 Sentinel Ldk Rte | 2025-04-20 | N/A |
| Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via language packs containing filenames longer than 1024 characters. | ||||
| CVE-2017-11498 | 1 Gemalto | 1 Sentinel Ldk Rte | 2025-04-20 | N/A |
| Buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to shut down the remote process (a denial of service) via a language pack (ZIP file) with invalid HTML files. | ||||
| CVE-2017-11517 | 1 Geutebrueck | 1 Gcore | 2025-04-20 | N/A |
| Stack-based buffer overflow in GCoreServer.exe in the server in Geutebrueck Gcore 1.3.8.42 and 1.4.2.37 allows remote attackers to execute arbitrary code via a long URI in a GET request. | ||||
| CVE-2017-11804 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2025-04-20 | N/A |
| ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. | ||||