CVE-2017-0031

Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, and Word 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is differen...

Out-of-bounds

The sdhcisdmatransfermultiblocks function in hw/sd/sdhci.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service out-of-bounds heap access and crash or execute arbitrary code on the QEMU host via vectors involving the data transfer length...

CVE-2017-5522

Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7.0.x before 7.0.4 allows remote attackers to cause a denial of service crash or execute arbitrary code via vectors involving WFS get feature requests...

CVE-2017-5522

Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7.0.x before 7.0.4 allows remote attackers to cause a denial of service crash or execute arbitrary code via vectors involving WFS get feature requests...

CVE-2017-5522

Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7.0.x before 7.0.4 allows remote attackers to cause a denial of service crash or execute arbitrary code via vectors involving WFS get feature requests...

CVE-2017-5668

bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. NOTE: this vulnerability exists because of an incomplete fix for...

CVE-2017-5668

bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. NOTE: this vulnerability exists because of an incomplete fix for...

CVE-2016-10188

The CVE CVE-2016-10188 affects bitlbee-libpurple prior to 3.5. A use-after-free vulnerability allows a remote attacker to cause a denial of service (crash) or potentially execute arbitrary code by causing a file transfer connection to expire. Public advisories and vulnerability records confirm th...

CVE-2016-10188

Use-after-free vulnerability in bitlbee-libpurple before 3.5 allows remote servers to cause a denial of service crash or possibly execute arbitrary code by causing a file transfer connection to expire...

Ubuntu: Security Advisory (USN-3231-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-0307

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

CVE-2016-8863

Heap-based buffer overflow in the createurllist function in gena/genadevice.c in Portable UPnP SDK aka libupnp before 1.6.21 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a valid URI followed by an invalid one in the CALLBACK header of an...

CVE-2016-8863

Heap-based buffer overflow in the createurllist function in gena/genadevice.c in Portable UPnP SDK aka libupnp before 1.6.21 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a valid URI followed by an invalid one in the CALLBACK header of an...

Heap overflow

Heap-based buffer overflow in the createurllist function in gena/genadevice.c in Portable UPnP SDK aka libupnp before 1.6.21 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a valid URI followed by an invalid one in the CALLBACK header of an...

CVE-2016-8863

Heap-based buffer overflow in the createurllist function in gena/genadevice.c in Portable UPnP SDK aka libupnp before 1.6.21 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a valid URI followed by an invalid one in the CALLBACK header of an...

CVE-2016-8863

CVE-2016-8863 affects the Portable UPnP SDK (libupnp) before 1.6.21. The heap-based overflow occurs in create_url_list (gena/gena_device.c) when processing a valid URI followed by an invalid one in the CALLBACK header of a SUBSCRIBE request. This can lead to a crash or potentially arbitrary code ...

CVE-2016-7406

Format string vulnerability in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via format string specifiers in the 1 username or 2 host argument...

CVE-2017-5884

gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted 1 rre, 2 hextile, or 3 copyrect tile...

CVE-2017-0037

Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheet...

GLSA-201702-11 : GNU C Library: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201702-11 GNU C Library: Multiple vulnerabilities Multiple vulnerabilities have been discovered in the GNU C Library. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could...