Export limit exceeded: 16496 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (16496 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-16844 2 Procmail, Redhat 2 Procmail, Enterprise Linux 2025-04-20 N/A
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than CVE-2014-3618.
CVE-2016-8610 7 Debian, Fujitsu, Netapp and 4 more 55 Debian Linux, M10-1, M10-1 Firmware and 52 more 2025-04-20 7.5 High
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.
CVE-2016-8704 2 Memcached, Redhat 3 Memcached, Enterprise Linux, Mobile Application Platform 2025-04-20 N/A
An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
CVE-2016-8743 4 Apache, Debian, Netapp and 1 more 13 Http Server, Debian Linux, Clustered Data Ontap and 10 more 2025-04-20 7.5 High
Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution.
CVE-2016-8745 2 Apache, Redhat 3 Tomcat, Enterprise Linux, Jboss Enterprise Web Server 2025-04-20 N/A
A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn meant that the same Processor could be used for concurrent requests. Sharing a Processor can result in information leakage between requests including, not not limited to, session ID and the response body. The bug was first noticed in 8.5.x onwards where it appears the refactoring of the Connector code for 8.5.x onwards made it more likely that the bug was observed. Initially it was thought that the 8.5.x refactoring introduced the bug but further investigation has shown that the bug is present in all currently supported Tomcat versions.
CVE-2017-12613 3 Apache, Debian, Redhat 17 Portable Runtime, Debian Linux, Enterprise Linux and 14 more 2025-04-20 7.1 High
When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input.
CVE-2017-12629 4 Apache, Canonical, Debian and 1 more 9 Solr, Ubuntu Linux, Debian Linux and 6 more 2025-04-20 9.8 Critical
Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external entity expansion vulnerability occurs in the XML Query Parser which is available, by default, for any query request with parameters deftype=xmlparser and can be exploited to upload malicious data to the /upload request handler or as Blind XXE using ftp wrapper in order to read arbitrary local files from the Solr server. Note also that the second vulnerability relates to remote code execution using the RunExecutableListener available on all affected versions of Solr.
CVE-2017-12146 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-20 7.0 High
The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a store operation that involve different overrides.
CVE-2017-12900 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf().
CVE-2016-9311 2 Ntp, Redhat 2 Ntp, Enterprise Linux 2025-04-20 N/A
ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted packet.
CVE-2017-12986 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
CVE-2017-12989 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length().
CVE-2017-13029 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().
CVE-2017-13030 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.
CVE-2016-9388 3 Canonical, Jasper Project, Redhat 3 Ubuntu Linux, Jasper, Enterprise Linux 2025-04-20 5.5 Medium
The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file.
CVE-2017-13033 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
CVE-2017-13036 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().
CVE-2017-13052 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print().
CVE-2017-13077 7 Canonical, Debian, Freebsd and 4 more 13 Ubuntu Linux, Debian Linux, Freebsd and 10 more 2025-04-20 N/A
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
CVE-2016-9444 2 Isc, Redhat 3 Bind, Enterprise Linux, Rhel Eus 2025-04-20 N/A
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DS resource record in an answer.