Search Results (6824 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-6499 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 N/A
An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially crafted file creating a nested exception could lead to a memory leak (thus, a DoS).
CVE-2017-6386 1 Virglrenderer Project 1 Virglrenderer 2025-04-20 6.5 Medium
Memory leak in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRGL_OBJECT_VERTEX_ELEMENTS commands.
CVE-2017-6384 1 Atheme 1 Atheme 2025-04-20 N/A
Memory leak in the login_user function in saslserv/main.c in saslserv/main.so in Atheme 7.2.7 allows a remote unauthenticated attacker to consume memory and cause a denial of service. This is fixed in 7.2.8.
CVE-2016-10329 1 Synology 1 Photo Station 2025-04-20 N/A
Command injection vulnerability in login.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to execute arbitrary code via shell metacharacters in the crafted 'X-Forwarded-For' header.
CVE-2016-10312 1 Jensenofscandinavia 6 Al3g, Al3g Firmware, Al5000ac and 3 more 2025-04-20 N/A
Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to execute arbitrary commands via shell metacharacters to certain /goform/* pages.
CVE-2017-15268 2 Qemu, Redhat 3 Qemu, Enterprise Linux, Openstack 2025-04-20 N/A
Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c.
CVE-2016-10155 3 Debian, Qemu, Redhat 4 Debian Linux, Qemu, Enterprise Linux and 1 more 2025-04-20 6.0 Medium
Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2016-10098 1 Sendquick 4 Avera Sms Gateway, Avera Sms Gateway Firmware, Entera Sms Gateway and 1 more 2025-04-20 N/A
An issue was discovered on SendQuick Entera and Avera devices before 2HF16. Multiple Command Injection vulnerabilities allow attackers to execute arbitrary system commands.
CVE-2017-14930 1 Gnu 1 Binutils 2025-04-20 N/A
Memory leak in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
CVE-2017-15225 1 Gnu 1 Binutils 2025-04-20 N/A
_bfd_dwarf2_cleanup_debug_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory leak) via a crafted ELF file.
CVE-2016-4922 1 Juniper 1 Junos 2025-04-20 N/A
Certain combinations of Junos OS CLI commands and arguments have been found to be exploitable in a way that can allow unauthorized access to the operating system. This may allow any user with permissions to run these CLI commands the ability to achieve elevated privileges and gain complete control of the device. Affected releases are Juniper Networks Junos OS 11.4 prior to 11.4R13-S3; 12.1X46 prior to 12.1X46-D60; 12.1X47 prior to 12.1X47-D45; 12.3 prior to 12.3R12; 12.3X48 prior to 12.3X48-D35; 13.2 prior to 13.2R9; 13.3 prior to 13.3R4-S11, 13.3R9; 14.1 prior to 14.1R4-S12, 14.1R7; 14.1X53 prior to 14.1X53-D28, 14.1X53-D40; 14.1X55 prior to 14.1X55-D35; 14.2 prior to 14.2R3-S10, 14.2R4-S7, 14.2R5; 15.1 prior to 15.1F4, 15.1R3; 15.1X49 prior to 15.1X49-D60; 15.1X53 prior to 15.1X53-D57, 15.1X53-D70.
CVE-2017-6183 1 Sophos 1 Web Appliance 2025-04-20 N/A
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314.
CVE-2017-14970 1 Openvswitch 1 Openvswitch 2025-04-20 N/A
In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are multiple memory leaks while parsing malformed OpenFlow group mod messages. NOTE: the vendor disputes the relevance of this report, stating "it can only be triggered by an OpenFlow controller, but OpenFlow controllers have much more direct and powerful ways to force Open vSwitch to allocate memory, such as by inserting flows into the flow table."
CVE-2016-4929 1 Juniper 1 Junos Space 2025-04-20 N/A
Command injection vulnerability in Junos Space before 15.2R2 allows attackers to execute arbitrary code as a root user.
CVE-2017-15217 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 N/A
ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.
CVE-2017-15189 1 Wireshark 1 Wireshark 2025-04-20 N/A
In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by adding decrements.
CVE-2015-2857 1 Accellion 1 File Transfer Appliance 2025-04-20 9.8 Critical
Accellion File Transfer Appliance before FTA_9_11_210 allows remote attackers to execute arbitrary code via shell metacharacters in the oauth_token parameter.
CVE-2015-0296 2 Fedoraproject, Tug 2 Fedora, Texlive 2025-04-20 N/A
The pre-install script in texlive 3.1.20140525_r34255.fc21 as packaged in Fedora 21 and rpm, and texlive 6.20131226_r32488.fc20 and rpm allows local users to delete arbitrary files via a crafted file in the user's home directory.
CVE-2017-5993 1 Virglrenderer Project 1 Virglrenderer 2025-04-20 N/A
Memory leak in the vrend_renderer_init_blit_ctx function in vrend_blitter.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRGL_CCMD_BLIT commands.
CVE-2017-14938 1 Gnu 1 Binutils 2025-04-20 N/A
_bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file.