DEBIAN-CVE-2017-7679
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header...
FreeBSD : Apache httpd -- several vulnerabilities (0c2db2aa-5584-11e7-9a7d-b499baebfeaf)
The Apache httpd project reports: - ap_get_basic_auth_pw Authentication Bypass CVE-2017-3167: Use of the ap_get_basic_auth_pw by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. - mod_ssl NULL pointer Dereference CVE-2017-3169: mod_ssl may...
Apache httpd -- several vulnerabilities
The Apache httpd project reports: ap_get_basic_auth_pw Authentication Bypass CVE-2017-3167: Use of the ap_get_basic_auth_pw by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. mod_ssl Null Pointer Dereference CVE-2017-3169: mod_ssl may dereferen...
UBUNTU-CVE-2017-7679
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header...
A vulnerability in the Microsoft Chakra kernel of the Microsoft Edge browser allows an attacker to execute arbitrary code.
The vulnerability in the Microsoft Chakra kernel of the Microsoft Edge browser arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code when accessing objects in memory...
CVE-2017-7365
In all Android releases from CAF using the Linux kernel, a buffer overread can occur if a particular string is not NULL terminated...
Buffer overflow
In all Android releases from CAF using the Linux kernel, a buffer overread can occur if a particular string is not NULL terminated...
UBUNTU-CVE-2017-8240
In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over-read vulnerability...
CVE-2017-7365
CVE-2017-7365 is a Qualcomm bootloader elevation-of-privilege issue disclosed in the Android 2017-06-05 bulletin. It is listed as EoP (High) for the Bootloader component; exploitation would yield higher privileges within the kernel/boot context. Patches are provided via Qualcomm AMSS bulletins an...
CVE-2017-7365
In all Android releases from CAF using the Linux kernel, a buffer overread can occur if a particular string is not NULL terminated...
ytnef denial of service vulnerability (CNVD-2017-09343)
ytnef is an application library for extracting data from winmail.dat files. A denial of service vulnerability exists in the 'DecompressRTF' function in the lib/ytnef.c file in ytnef version 1.9.2. A remote attacker can exploit this vulnerability to cause a denial of service heap buffer...
YARA Denial of Service Vulnerability (CNVD-2017-11330)
YARA is a set of tools used to help software researchers identify and categorize malware samples. A denial of service vulnerability exists in the 'yr_arena_write_data' function in YARA version 3.6.1. A remote attacker can exploit this vulnerability with the help of specially crafted files to cause a...
UBUNTU-CVE-2017-9474
In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file...
UBUNTU-CVE-2017-9465
The yr_arena_write_data function in YARA 3.6.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain sensitive information from process memory via a crafted file that is mishandled in the yr_re_fast_exec function in libyara/re.c and the yrscanmatchcallbac...
PT-2017-18938
Name of the Vulnerable Software and Affected Versions: YARA version 3.6.1. Description: The issue allows remote attackers to cause a denial of service or obtain sensitive information from process memory via a crafted file. This is due to the mishandling of the file in the yr_re_fast_exec function in...
ALPINE-CVE-2017-9348
In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-dof.c by validating a size value...
UBUNTU-CVE-2017-9348
In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-dof.c by validating a size value...
ALPINE-CVE-2017-9351
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully...
UBUNTU-CVE-2017-9351
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully...
DEBIAN-CVE-2017-9351
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully...