CVE-2017-10810
- EPSS 3.76%
- Veröffentlicht 04.07.2017 20:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service (memory consumption) by triggering object-initialization failures.
CVE-2017-10672
- EPSS 7.93%
- Veröffentlicht 29.06.2017 08:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call.
CVE-2017-9988
- EPSS 2.04%
- Veröffentlicht 28.06.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack against parser.c.
CVE-2017-9989
- EPSS 2.04%
- Veröffentlicht 28.06.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
util/outputtxt.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack.
CVE-2017-9992
- EPSS 2.77%
- Veröffentlicht 28.06.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Heap-based buffer overflow in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service (application c...
CVE-2017-9993
- EPSS 16.44%
- Veröffentlicht 28.06.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, and 3.3.x before 3.3.2 does not properly restrict HTTP Live Streaming filename extensions and demuxer names, which allows attackers to read arbitrary files via crafted playlist d...
CVE-2017-9994
- EPSS 1.85%
- Veröffentlicht 28.06.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pix_fmt is set, which allows remote attackers to cause a denial of service (heap-based buffer overflow ...
CVE-2017-9935
- EPSS 3.92%
- Veröffentlicht 26.06.2017 12:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an i...
CVE-2017-9936
- EPSS 7.48%
- Veröffentlicht 26.06.2017 12:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF document can lead to a memory leak resulting in a remote denial of service attack.
CVE-2017-9928
- EPSS 1.01%
- Veröffentlicht 26.06.2017 07:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file.