CVE-2017-14491
- EPSS 84.93%
- Veröffentlicht 04.10.2017 01:29:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
CVE-2017-14492
- EPSS 93.31%
- Veröffentlicht 03.10.2017 01:29:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.
CVE-2017-14493
- EPSS 83.64%
- Veröffentlicht 03.10.2017 01:29:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.
CVE-2017-14494
- EPSS 67.55%
- Veröffentlicht 03.10.2017 01:29:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.
CVE-2017-14495
- EPSS 84.32%
- Veröffentlicht 03.10.2017 01:29:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.
CVE-2017-14496
- EPSS 66.35%
- Veröffentlicht 03.10.2017 01:29:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
CVE-2017-13704
- EPSS 65.41%
- Veröffentlicht 03.10.2017 01:29:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platf...
CVE-2017-14859
- EPSS 1.07%
- Veröffentlicht 29.09.2017 01:34:49
- Zuletzt bearbeitet 13.05.2026 00:24:29
An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
CVE-2017-14862
- EPSS 1.07%
- Veröffentlicht 29.09.2017 01:34:49
- Zuletzt bearbeitet 13.05.2026 00:24:29
An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
CVE-2017-14864
- EPSS 1.07%
- Veröffentlicht 29.09.2017 01:34:49
- Zuletzt bearbeitet 13.05.2026 00:24:29
An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.