CVEs from 2017
Total
11,692
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
1.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-2780 | critical | 9.8 | 9.8 | 9y ago | An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overfl… | |||
| CVE-2017-9424 | critical | 9.8 | 9.8 | 9y ago | IdeaBlade Breeze Breeze.Server.NET before 1.6.5 allows remote attackers to execute arbitrary code, related to use of TypeNameHandling in JSON deserialization. | |||
| CVE-2017-9807 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in the OpenWebif plugin through 1.2.4 for E2 open devices. The saveConfig function of "plugin/controllers/models/config.py" performs an eval() call on the contents of the "key… | |||
| CVE-2017-4990 | critical | 9.8 | 9.8 | 9y ago | In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-233, 7.3.0-226, an unauthorized attacker may leverage the file upload feature of the system maintenance page to load a maliciously … | |||
| CVE-2017-4989 | critical | 9.8 | 9.8 | 9y ago | In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to th… | |||
| CVE-2017-6050 | critical | 9.8 | 9.8 | 9y ago | A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. The application fails to properly validate user input, which may allow for an unauthenticated attacker to remot… | |||
| CVE-2017-2805 | critical | 9.8 | 9.8 | 9y ago | An exploitable stack-based buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera. A specially crafted http request can cause a stack-based buffer… | |||
| CVE-2017-9771 | critical | 9.8 | 9.8 | 9y ago | install\save.php in WebsiteBaker v2.10.0 allows remote attackers to execute arbitrary PHP code via the database_username, database_host, or database_password parameter. | |||
| CVE-2017-3098 | critical | 9.8 | 9.8 | 9y ago | Adobe Captivate versions 9 and earlier have a remote code execution vulnerability in the quiz reporting feature that could be abused to read and write arbitrary files to the server. | |||
| CVE-2017-3097 | critical | 9.8 | 9.8 | 9y ago | Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading functions in the installer plugin. A successful… | |||
| CVE-2017-3096 | critical | 9.8 | 9.8 | 9y ago | Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the character code mapping module. Successful exploitation could lead to arbitrary code execut… | |||
| CVE-2017-3095 | critical | 9.8 | 9.8 | 9y ago | Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF parsing engine. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2017-3094 | critical | 9.8 | 9.8 | 9y ago | Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF processing engine. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2017-3093 | critical | 9.8 | 9.8 | 9y ago | Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the bitmap representation module. Successful exploitation could lead to arbitrary code executi… | |||
| CVE-2017-3092 | critical | 9.8 | 9.8 | 9y ago | Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading of editor control library functions in the inst… | |||
| CVE-2017-3090 | critical | 9.8 | 9.8 | 9y ago | Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading of browser related library extensions in the in… | |||
| CVE-2017-3089 | critical | 9.8 | 9.8 | 9y ago | Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF imaging model. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2017-3086 | critical | 9.8 | 9.8 | 9y ago | Adobe Shockwave versions 12.2.8.198 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2017-3084 | critical | 9.8 | 9.8 | 9y ago | Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the advertising metadata functionality. Successful exploitation could lead to arbitrary code exe… | |||
| CVE-2017-3083 | critical | 9.8 | 9.8 | 9y ago | Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Successful … | |||
| CVE-2017-3082 | critical | 9.8 | 9.8 | 9y ago | Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the LocaleID class. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2017-3081 | critical | 9.8 | 9.8 | 9y ago | Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability during internal computation caused by multiple display object mask manipulations. Successful exploi… | |||
| CVE-2017-3079 | critical | 9.8 | 9.8 | 9y ago | Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the internal representation of raster data. Successful exploitation could lead to arbitrary c… | |||
| CVE-2017-3078 | critical | 9.8 | 9.8 | 9y ago | Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the Adobe Texture Format (ATF) module. Successful exploitation could lead to arbitrary code e… | |||
| CVE-2017-3077 | critical | 9.8 | 9.8 | 9y ago | Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the PNG image parser. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2017-3076 | critical | 9.8 | 9.8 | 9y ago | Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the MPEG-4 AVC module. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2017-3075 | critical | 9.8 | 9.8 | 9y ago | Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability when manipulating the ActionsScript 2 XML class. Successful exploitation could lead to arbitrary co… | |||
| CVE-2017-7679 | critical | 9.8 | 9.8 | 9y ago | In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header. | |||
| CVE-2017-3169 | critical | 9.8 | 9.8 | 9y ago | In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port. | |||
| CVE-2017-3167 | critical | 9.8 | 9.8 | 9y ago | In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being… | |||
| CVE-2017-3216 | critical | 9.8 | 9.8 | 9y ago | WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to … | |||
| CVE-2017-1000378 | critical | 9.8 | 9.8 | 9y ago | The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allow… | |||
| CVE-2017-1000375 | critical | 9.8 | 9.8 | 9y ago | NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attackers to more easily manipulate memory leading to arbitrary code execution. This a… | |||
| CVE-2017-1000374 | critical | 9.8 | 9.8 | 9y ago | A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and po… | |||
| CVE-2017-1000372 | critical | 9.8 | 9.8 | 9y ago | A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects Open… | |||
| CVE-2017-9757 | high | 8.8 | 9.8 | 9y ago | IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF. | |||
| CVE-2017-9730 | critical | 9.8 | 9.8 | 9y ago | SQL injection vulnerability in rdr.php in nuevoMailer version 6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the "r" parameter. | |||
| CVE-2017-4984 | critical | 9.8 | 9.8 | 9y ago | In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, an unauthenticated remote attacker may be able to elevate their permissions to root through a comm… | |||
| CVE-2017-9741 | critical | 9.8 | 9.8 | 9y ago | install/make-config.php in ProjectSend r754 allows remote attackers to execute arbitrary PHP code via the dbprefix parameter, related to replacing TABLES_PREFIX in the configuration file. | |||
| CVE-2017-9736 | critical | 9.8 | 9.8 | 9y ago | SPIP 3.1.x before 3.1.6 and 3.2.x before Beta 3 does not remove shell metacharacters from the host field, allowing a remote attacker to cause remote code execution. | |||
| CVE-2017-9728 | critical | 9.8 | 9.8 | 9y ago | In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp function in misc/regex/regexec.c when processing a crafted regular expression. | |||
| CVE-2017-9602 | critical | 9.8 | 9.8 | 9y ago | KBVault Mysql Free Knowledge Base application package 0.16a comes with a FileExplorer/Explorer.aspx?id=/Uploads file-management component. An unauthenticated user can access the file upload and delet… | |||
| CVE-2017-1197 | critical | 9.8 | 9.8 | 9y ago | IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 123672. | |||
| CVE-2017-7676 | critical | 9.8 | 9.8 | 9y ago | Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '' wildcard character | |||
| CVE-2017-2810 | critical | 9.8 | 9.8 | 9y ago | An exploitable vulnerability exists in the Databook loading functionality of Tablib 0.11.4. A yaml loaded Databook can execute arbitrary python commands resulting in command execution. An attacker ca… | |||
| CVE-2017-9246 | critical | 9.8 | 9.8 | 9y ago | New Relic .NET Agent contains SQL Injection | |||
| CVE-2017-6667 | critical | 9.8 | 9.8 | 9y ago | A vulnerability in the update process for the dynamic JAR file of the Cisco Context Service software development kit (SDK) could allow an unauthenticated, remote attacker to execute arbitrary code on… | |||
| CVE-2017-4992 | critical | 9.8 | 9.8 | 9y ago | Cloud Foundry UAA privilege escalation with user invitations | |||
| CVE-2017-4955 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.65, 1.7.x versions prior to 1.7.48, 1.8.x versions prior to 1.8.28, and 1.9.x versions prior to 1.9.5. Several crede… | |||
| CVE-2017-2773 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.60, 1.7.x versions prior to 1.7.41, 1.8.x versions prior to 1.8.23, and 1.9.x versions prior to 1.9.1. Incomplete va… | |||
| CVE-2017-9542 | critical | 9.8 | 9.8 | 9y ago | D-Link DIR-615 Wireless N 300 Router allows authentication bypass via a modified POST request to login.cgi. This issue occurs because it fails to validate the password field. Successful exploitation … | |||
| CVE-2017-4918 | critical | 9.8 | 9.8 | 9y ago | VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged use… | |||
| CVE-2017-5878 | critical | 9.8 | 9.8 | 9y ago | The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which it performs deserialization, which allows remote attackers to execute arbitrary code via crafted serializ… | |||
| CVE-2017-6640 | critical | 9.8 | 9.8 | 9y ago | A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an unauthenticated, remote attacker to log in to the administrative console of a DCNM server by using an account… | |||
| CVE-2017-6639 | critical | 9.8 | 9.8 | 9y ago | A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to access sensitive information… | |||
| CVE-2017-4907 | critical | 9.8 | 9.8 | 9y ago | VMware Unified Access Gateway (2.5.x, 2.7.x, 2.8.x prior to 2.8.1) and Horizon View (7.x prior to 7.1.0, 6.x prior to 6.2.4) contain a heap buffer-overflow vulnerability which may allow a remote atta… | |||
| CVE-2017-4917 | critical | 9.8 | 9.8 | 9y ago | VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption. This issue may allow plaintext credentials to be obtained. | |||
| CVE-2017-4914 | critical | 9.8 | 9.8 | 9y ago | VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization issue. Exploitation of this issue may allow a remote attacker to execute commands on the appliance. | |||
| CVE-2017-1196 | critical | 9.8 | 9.8 | 9y ago | IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID:… | |||
| CVE-2017-7312 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, anyone can add a vendor account or read existing vendor account data (including usernames and… | |||
| CVE-2017-9462 | high | 8.8 | 9.8 | 9y ago | In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name. | |||
| CVE-2017-9436 | critical | 9.8 | 9.8 | 9y ago | TeamPass SQL injection in users.queries.php | |||
| CVE-2017-9435 | critical | 9.8 | 9.8 | 9y ago | Dolibarr ERP and CRM SQLi | |||
| CVE-2017-8837 | critical | 9.8 | 9.8 | 9y ago | Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The files in questio… | |||
| CVE-2017-9430 | critical | 9.8 | 9.8 | 9y ago | Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a command line with a long name ar… | |||
| CVE-2017-9433 | critical | 9.8 | 9.8 | 9y ago | Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1P… | |||
| CVE-2017-9432 | critical | 9.8 | 9.8 | 9y ago | Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by a stack-based buffer overflow related to the DatabaseName::read function in lib/StarWriterStruct.cxx. | |||
| CVE-2017-9431 | critical | 9.8 | 9.8 | 9y ago | Google gRPC before 2017-04-05 has an out-of-bounds write caused by a heap-based buffer overflow related to core/lib/iomgr/error.c. | |||
| CVE-2017-9417 | critical | 9.8 | 9.8 | 9y ago | Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue. | |||
| CVE-2017-9364 | critical | 9.8 | 9.8 | 9y ago | Unrestricted File Upload exists in BigTree CMS through 4.2.18: if an attacker uploads an 'xxx.pht' or 'xxx.phtml' file, they could bypass a safety check and execute any code. | |||
| CVE-2017-9363 | critical | 9.8 | 9.8 | 9y ago | Untrusted Java serialization in Soffid IAM console before 1.7.5 allows remote attackers to achieve arbitrary remote code execution via a crafted authentication request. | |||
| CVE-2017-9360 | critical | 9.8 | 9.8 | 9y ago | WebsiteBaker v2.10.0 has a SQL injection vulnerability in /account/details.php. | |||
| CVE-2017-9294 | critical | 9.8 | 9.8 | 9y ago | RMI vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to execute internal commands without authentication via RMI ports. | |||
| CVE-2017-9148 | critical | 9.8 | 9.8 | 9y ago | The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, … | |||
| CVE-2017-7915 | critical | 9.8 | 9.8 | 9y ago | An Improper Restriction of Excessive Authentication Attempts issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 0912… | |||
| CVE-2017-7913 | critical | 9.8 | 9.8 | 9y ago | A Plaintext Storage of a Password issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions,… | |||
| CVE-2017-9265 | critical | 9.8 | 9.8 | 9y ago | In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in `lib/ofp-util.c` in the function `ofputil_pull_ofp15_group_mod`. | |||
| CVE-2017-9264 | critical | 9.8 | 9.8 | 9y ago | In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) 2.6.1, there is a buffer over-read while parsing malformed TCP, UDP, and IPv6 packets in the functions `extract_l3_ipv6`, `extr… | |||
| CVE-2017-9034 | critical | 9.8 | 9.8 | 9y ago | Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to write to arbitrary files and consequently execute arbitrary code with root privileges by leveraging failure to validate soft… | |||
| CVE-2017-9228 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitset_set_range() during regular ex… | |||
| CVE-2017-9227 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len() during regular express… | |||
| CVE-2017-9226 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regu… | |||
| CVE-2017-9225 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds write in onigenc_unicode_get_case_fold_codes_by_str… | |||
| CVE-2017-9224 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at() during regular expression… | |||
| CVE-2017-2801 | critical | 9.8 | 9.8 | 9y ago | A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially c… | |||
| CVE-2017-2800 | critical | 9.8 | 9.8 | 9y ago | A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL through 3.10.2 resulting in potential certificate validation vulnerabilities, denial of service and pos… | |||
| CVE-2017-9214 | critical | 9.8 | 9.8 | 9y ago | In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pu… | |||
| CVE-2017-6131 | critical | 9.8 | 9.8 | 9y ago | In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. … | |||
| CVE-2017-9200 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:528:63. | |||
| CVE-2017-9199 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:192:19. | |||
| CVE-2017-9198 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:508:18. | |||
| CVE-2017-9197 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:498:55. | |||
| CVE-2017-9196 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in input-tga.c:528:7. | |||
| CVE-2017-9195 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:620:27. | |||
| CVE-2017-9194 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:559:29. | |||
| CVE-2017-9193 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:538:33. | |||
| CVE-2017-9192 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-tga.c:528:7. | |||
| CVE-2017-9191 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the rle_fread function in input-tga.c:252:15. | |||
| CVE-2017-9188 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "left shift ... cannot be represented in type int" issue in input-bmp.c:516:63. | |||
| CVE-2017-9187 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:486:7. |