CVE-2017-16525
- EPSS 0.39%
- Veröffentlicht 04.11.2017 01:29:36
- Zuletzt bearbeitet 13.05.2026 00:24:29
The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB...
CVE-2017-16526
- EPSS 0.32%
- Veröffentlicht 04.11.2017 01:29:36
- Zuletzt bearbeitet 13.05.2026 00:24:29
drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device.
CVE-2017-16527
- EPSS 0.38%
- Veröffentlicht 04.11.2017 01:29:36
- Zuletzt bearbeitet 13.05.2026 00:24:29
sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.
CVE-2017-16529
- EPSS 0.4%
- Veröffentlicht 04.11.2017 01:29:36
- Zuletzt bearbeitet 13.05.2026 00:24:29
The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
CVE-2017-16516
- EPSS 3.77%
- Veröffentlicht 03.11.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is supplied to Yajl::Parser.new.parse, the whole ruby process crashes with a SIGABRT in the yajl_string_decode function in yajl_encode.c. This results in the whole ruby process terminating...
CVE-2017-16352
- EPSS 14.51%
- Veröffentlicht 01.11.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to...
CVE-2017-16353
- EPSS 13.68%
- Veröffentlicht 01.11.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is ...
CVE-2017-1000257
- EPSS 6.22%
- Veröffentlicht 31.10.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. l...
CVE-2017-1000256
- EPSS 1.7%
- Veröffentlicht 31.10.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default.
CVE-2017-16227
- EPSS 18.79%
- Veröffentlicht 29.10.2017 20:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The aspath_put function in bgpd/bgp_aspath.c in Quagga before 1.2.2 allows remote attackers to cause a denial of service (session drop) via BGP UPDATE messages, because AS_PATH size calculation for long paths counts certain bytes twice and consequent...