CVEdetails.com the ultimate security vulnerability data source

Canonical: Security Vulnerabilities (CVSS score between 7 and 7.99)

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
251 CVE-2018-1083 119 Exec Code Overflow 2018-03-28 2020-12-01
7.2
None Local Low Not required Complete Complete Complete
Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the aforementioned path. If the user affected is privileged, this leads to privilege escalation.
252 CVE-2018-1068 787 2018-03-16 2019-05-14
7.2
None Local Low Not required Complete Complete Complete
A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.
253 CVE-2018-1066 476 2018-03-02 2019-04-23
7.1
None Remote Medium Not required None None Complete
The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery.
254 CVE-2018-0643 78 Exec Code 2018-09-07 2018-11-13
7.4
None Local Network Medium ??? Complete Complete Complete
Ubuntu 14.04 ORCA (Online Receipt Computer Advantage) 4.8.0 (panda-server) 1:1.4.9+p41-u4jma1 and earlier allows an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.
255 CVE-2018-0502 20 2018-09-05 2020-12-01
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.
256 CVE-2018-0500 787 Overflow 2018-07-11 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings (i.e., use of a nonstandard --limit-rate argument or CURLOPT_BUFFERSIZE value).
257 CVE-2017-1000476 400 DoS 2018-01-03 2020-09-08
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.
258 CVE-2017-18922 787 Overflow 2020-06-30 2021-12-14
7.5
None Remote Low Not required Partial Partial Partial
It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow.
259 CVE-2017-18509 20 Exec Code 2019-08-13 2020-11-09
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187.
260 CVE-2017-18273 835 DoS 2018-05-18 2020-09-08
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call.
261 CVE-2017-18271 835 DoS 2018-05-18 2020-09-08
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file.
262 CVE-2017-18211 476 2018-03-01 2020-09-08
7.5
None Remote Low Not required Partial Partial Partial
In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel.
263 CVE-2017-18206 119 Overflow 2018-02-27 2020-12-01
7.5
None Remote Low Not required Partial Partial Partial
In utils.c in zsh before 5.4, symlink expansion had a buffer overflow.
264 CVE-2017-18028 770 DoS 2018-01-12 2019-10-03
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allows remote attackers to cause a denial of service via a crafted file.
265 CVE-2017-17914 834 DoS 2017-12-27 2020-09-08
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file.
266 CVE-2017-17833 119 Exec Code Overflow Mem. Corr. 2018-04-23 2020-05-15
7.5
None Remote Low Not required Partial Partial Partial
OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.
267 CVE-2017-17682 400 DoS 2017-12-14 2020-09-08
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call.
268 CVE-2017-17681 835 DoS 2017-12-14 2020-08-19
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file.
269 CVE-2017-17499 416 2017-12-11 2020-10-28
7.5
None Remote Low Not required Partial Partial Partial
ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.
270 CVE-2017-17480 787 DoS Exec Code Overflow 2017-12-08 2021-02-03
7.5
None Remote Low Not required Partial Partial Partial
In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.
271 CVE-2017-16548 125 DoS 2017-11-06 2020-05-01
7.5
None Remote Low Not required Partial Partial Partial
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact by sending crafted data to the daemon.
272 CVE-2017-15118 787 Overflow 2018-07-27 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. If NBD server requires TLS, the attacker cannot trigger the buffer overflow without first successfully negotiating TLS.
273 CVE-2017-15115 416 DoS 2017-11-15 2019-05-08
7.2
None Local Low Not required Complete Complete Complete
The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls.
274 CVE-2017-15032 772 2017-10-05 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
275 CVE-2017-14746 416 Exec Code 2017-11-27 2018-10-21
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.
276 CVE-2017-14632 119 Exec Code Overflow 2017-09-21 2020-12-07
7.5
None Remote Low Not required Partial Partial Partial
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.
277 CVE-2017-14626 476 2017-09-21 2020-09-08
7.5
None Remote Low Not required Partial Partial Partial
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.
278 CVE-2017-14625 476 2017-09-21 2020-09-08
7.5
None Remote Low Not required Partial Partial Partial
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c.
279 CVE-2017-14624 476 2017-09-21 2020-09-08
7.5
None Remote Low Not required Partial Partial Partial
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.
280 CVE-2017-14532 476 2017-09-18 2020-09-08
7.5
None Remote Low Not required Partial Partial Partial
ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.
281 CVE-2017-14531 770 2017-09-18 2019-10-03
7.1
None Remote Medium Not required None None Complete
ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.
282 CVE-2017-14496 191 DoS 2017-10-03 2018-05-11
7.8
None Remote Low Not required None None Complete
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
283 CVE-2017-14493 119 DoS Exec Code Overflow 2017-10-03 2018-03-04
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.
284 CVE-2017-14492 119 DoS Exec Code Overflow 2017-10-03 2018-03-04
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.
285 CVE-2017-14491 119 DoS Exec Code Overflow 2017-10-04 2021-11-17
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
286 CVE-2017-14341 400 2017-09-12 2020-10-15
7.1
None Remote Medium Not required None None Complete
ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file.
287 CVE-2017-14325 772 DoS 2017-09-12 2019-10-03
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file.
288 CVE-2017-14180 400 DoS +Priv 2018-02-02 2018-02-15
7.2
None Local Low Not required Complete Complete Complete
Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges, a different vulnerability than CVE-2017-14179.
289 CVE-2017-14179 400 DoS +Priv 2018-02-02 2018-02-15
7.2
None Local Low Not required Complete Complete Complete
Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers.
290 CVE-2017-14177 400 DoS +Priv 2018-02-02 2018-02-15
7.2
None Local Low Not required Complete Complete Complete
Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1324.
291 CVE-2017-14175 834 2017-09-07 2020-10-15
7.1
None Remote Medium Not required None None Complete
In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop.
292 CVE-2017-14174 834 2017-09-07 2020-10-23
7.1
None Remote Medium Not required None None Complete
In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.
293 CVE-2017-14172 834 2017-09-07 2020-10-15
7.1
None Remote Medium Not required None None Complete
In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.
294 CVE-2017-14064 119 Overflow 2017-08-31 2019-05-13
7.5
None Remote Low Not required Partial Partial Partial
Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issue lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte, returning a pointer to a string of length zero, which is not the length stored in space_len.
295 CVE-2017-13139 125 2017-08-23 2020-10-14
7.5
None Remote Low Not required Partial Partial Partial
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
296 CVE-2017-12693 770 DoS 2017-09-01 2020-09-08
7.1
None Remote Medium Not required None None Complete
The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file.
297 CVE-2017-12692 770 DoS 2017-09-01 2020-09-08
7.1
None Remote Medium Not required None None Complete
The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file.
298 CVE-2017-12691 770 DoS 2017-09-01 2020-09-08
7.1
None Remote Medium Not required None None Complete
The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
299 CVE-2017-12629 611 Exec Code 2017-10-14 2021-08-17
7.5
None Remote Low Not required Partial Partial Partial
Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external entity expansion vulnerability occurs in the XML Query Parser which is available, by default, for any query request with parameters deftype=xmlparser and can be exploited to upload malicious data to the /upload request handler or as Blind XXE using ftp wrapper in order to read arbitrary local files from the Solr server. Note also that the second vulnerability relates to remote code execution using the RunExecutableListener available on all affected versions of Solr.
300 CVE-2017-11473 120 Overflow +Priv 2017-07-20 2021-01-05
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table.
Total number of vulnerabilities: 563 (this is page 6 of 12)