CVE-2017-12899
- EPSS 3.28%
- Veröffentlicht 14.09.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
CVE-2017-12902
- EPSS 3.48%
- Veröffentlicht 14.09.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.
CVE-2017-12987
- EPSS 3.28%
- Veröffentlicht 14.09.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
CVE-2017-2816
- EPSS 2.39%
- Veröffentlicht 13.09.2017 18:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
An exploitable buffer overflow vulnerability exists in the tag parsing functionality of LibOFX 0.9.11. A specially crafted OFX file can cause a write out of bounds resulting in a buffer overflow on the stack. An attacker can construct a malicious OFX...
CVE-2015-2749
- EPSS 1.46%
- Veröffentlicht 13.09.2017 16:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Open redirect vulnerability in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.
CVE-2015-2750
- EPSS 1.38%
- Veröffentlicht 13.09.2017 16:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Open redirect vulnerability in URL-related API functions in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the "//" initial sequence.
- EPSS 16.18%
- Veröffentlicht 12.09.2017 17:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remot...
CVE-2017-14341
- EPSS 2.04%
- Veröffentlicht 12.09.2017 17:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file.
CVE-2017-14314
- EPSS 1.86%
- Veröffentlicht 12.09.2017 00:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (DrawDashPolygon heap-based buffer over-read and application crash) via a crafted file.
CVE-2017-7650
- EPSS 2.47%
- Veröffentlicht 11.09.2017 16:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Mosquitto before 1.4.12, pattern based ACLs can be bypassed by clients that set their username/client id to '#' or '+'. This allows locally or remotely connected clients to access MQTT topics that they do have the rights to. The same issue may be ...