Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-13782 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a /dev/dtracehelper attack involving the dtrace_dif_va
|
12-06-2023 - 07:15 | 13-11-2017 - 03:29 | |
CVE-2016-5387 | 6.8 |
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an app
|
07-09-2022 - 17:40 | 19-07-2016 - 02:00 | |
CVE-2016-8743 | 5.0 |
Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in
|
07-09-2022 - 17:39 | 27-07-2017 - 21:29 | |
CVE-2017-7668 | 5.0 |
The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacke
|
21-04-2022 - 14:40 | 20-06-2017 - 01:29 | |
CVE-2017-7679 | 7.5 |
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
|
06-06-2021 - 11:15 | 20-06-2017 - 01:29 | |
CVE-2017-9788 | 6.4 |
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial ke
|
06-06-2021 - 11:15 | 13-07-2017 - 16:29 | |
CVE-2017-7659 | 5.0 |
A maliciously constructed HTTP/2 request could cause mod_http2 in Apache HTTP Server 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process.
|
06-06-2021 - 11:15 | 26-07-2017 - 21:29 | |
CVE-2017-9789 | 5.0 |
When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour.
|
06-06-2021 - 11:15 | 13-07-2017 - 16:29 | |
CVE-2017-3169 | 7.5 |
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.
|
06-06-2021 - 11:15 | 20-06-2017 - 01:29 | |
CVE-2016-8740 | 5.0 |
The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service (memory consumption) via cr
|
06-06-2021 - 11:15 | 05-12-2016 - 19:59 | |
CVE-2017-3167 | 7.5 |
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
|
06-06-2021 - 11:15 | 20-06-2017 - 01:29 | |
CVE-2016-2161 | 5.0 |
In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.
|
06-06-2021 - 11:15 | 27-07-2017 - 21:29 | |
CVE-2016-0736 | 5.0 |
In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated en
|
06-06-2021 - 11:15 | 27-07-2017 - 21:29 | |
CVE-2017-13080 | 2.9 |
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
|
10-11-2020 - 21:15 | 17-10-2017 - 13:29 | |
CVE-2017-13687 | 7.5 |
The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
|
28-10-2020 - 19:35 | 14-09-2017 - 06:29 | |
CVE-2017-13725 | 7.5 |
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
|
28-10-2020 - 19:28 | 14-09-2017 - 06:29 | |
CVE-2017-13028 | 7.5 |
The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().
|
28-10-2020 - 19:23 | 14-09-2017 - 06:29 | |
CVE-2017-13024 | 7.5 |
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
|
28-10-2020 - 19:20 | 14-09-2017 - 06:29 | |
CVE-2017-13020 | 7.5 |
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
|
28-10-2020 - 19:19 | 14-09-2017 - 06:29 | |
CVE-2017-13004 | 7.5 |
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().
|
28-10-2020 - 19:16 | 14-09-2017 - 06:29 | |
CVE-2017-12899 | 7.5 |
The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
|
23-10-2020 - 18:17 | 14-09-2017 - 06:29 | |
CVE-2017-12987 | 7.5 |
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
|
23-10-2020 - 18:17 | 14-09-2017 - 06:29 | |
CVE-2017-12896 | 7.5 |
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().
|
23-10-2020 - 18:17 | 14-09-2017 - 06:29 | |
CVE-2017-12902 | 7.5 |
The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.
|
23-10-2020 - 18:17 | 14-09-2017 - 06:29 | |
CVE-2017-11103 | 6.8 |
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name
|
18-08-2020 - 15:05 | 13-07-2017 - 13:29 | |
CVE-2017-13786 | 2.1 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "APFS" component. It does not properly restrict the DMA mapping time of FileVault decryption buffers, which allows attackers to read cleartext
|
03-10-2019 - 00:03 | 13-11-2017 - 03:29 | |
CVE-2017-13688 | 7.5 |
The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13828 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Fonts" component. It allows remote attackers to spoof the user interface via crafted text.
|
03-10-2019 - 00:03 | 13-11-2017 - 03:29 | |
CVE-2017-13689 | 7.5 |
The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13690 | 7.5 |
The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13052 | 7.5 |
The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13055 | 7.5 |
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13077 | 5.4 |
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
|
03-10-2019 - 00:03 | 17-10-2017 - 02:29 | |
CVE-2017-13036 | 7.5 |
The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13014 | 7.5 |
The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions.
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13030 | 7.5 |
The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13033 | 7.5 |
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13029 | 7.5 |
The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13050 | 7.5 |
The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12998 | 7.5 |
The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_extd_ip_reach().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13054 | 7.5 |
The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12897 | 7.5 |
The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13044 | 7.5 |
The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12988 | 7.5 |
The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13002 | 7.5 |
The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13045 | 7.5 |
The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12997 | 5.0 |
The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12996 | 7.5 |
The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13021 | 7.5 |
The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-11542 | 7.5 |
tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.
|
03-10-2019 - 00:03 | 23-07-2017 - 03:29 | |
CVE-2017-13041 | 7.5 |
The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13022 | 7.5 |
The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13001 | 7.5 |
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13025 | 7.5 |
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13016 | 7.5 |
The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13010 | 7.5 |
The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12994 | 7.5 |
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12898 | 7.5 |
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13043 | 7.5 |
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13037 | 7.5 |
The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13031 | 7.5 |
The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13027 | 7.5 |
The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13013 | 7.5 |
The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13051 | 7.5 |
The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13032 | 7.5 |
The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13019 | 7.5 |
The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13018 | 7.5 |
The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12894 | 7.5 |
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13047 | 7.5 |
The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13049 | 7.5 |
The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13048 | 7.5 |
The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13046 | 7.5 |
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13038 | 7.5 |
The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13026 | 7.5 |
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions.
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13017 | 7.5 |
The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12999 | 7.5 |
The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12893 | 7.5 |
The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12990 | 5.0 |
The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions.
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12986 | 7.5 |
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13035 | 7.5 |
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13023 | 7.5 |
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13040 | 7.5 |
The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-11541 | 7.5 |
tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.
|
03-10-2019 - 00:03 | 23-07-2017 - 03:29 | |
CVE-2017-13078 | 2.9 |
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
|
03-10-2019 - 00:03 | 17-10-2017 - 13:29 | |
CVE-2017-13039 | 7.5 |
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13053 | 7.5 |
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13042 | 7.5 |
The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13034 | 7.5 |
The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12989 | 5.0 |
The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12900 | 7.5 |
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13015 | 7.5 |
The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12992 | 7.5 |
The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12985 | 7.5 |
The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13005 | 7.5 |
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13012 | 7.5 |
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12995 | 5.0 |
The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12991 | 7.5 |
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13009 | 7.5 |
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13006 | 7.5 |
The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12993 | 7.5 |
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions.
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-11108 | 5.0 |
tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree
|
03-10-2019 - 00:03 | 08-07-2017 - 17:29 | |
CVE-2017-13008 | 7.5 |
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12895 | 7.5 |
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13000 | 7.5 |
The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13007 | 7.5 |
The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13003 | 7.5 |
The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-12901 | 7.5 |
The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().
|
03-10-2019 - 00:03 | 14-09-2017 - 06:29 | |
CVE-2017-13833 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption)
|
29-04-2019 - 16:31 | 13-11-2017 - 03:29 | |
CVE-2017-13852 | 4.3 |
An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to monitor
|
08-03-2019 - 16:06 | 13-11-2017 - 03:29 | |
CVE-2017-13799 | 9.3 |
An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute
|
08-03-2019 - 16:06 | 13-11-2017 - 03:29 | |
CVE-2017-13804 | 4.3 |
An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "StreamingZip" component. It allows remote attacker
|
08-03-2019 - 16:06 | 13-11-2017 - 03:29 | |
CVE-2017-1000101 | 4.3 |
curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl rea
|
13-11-2018 - 11:29 | 05-10-2017 - 01:29 | |
CVE-2017-1000100 | 4.3 |
When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untr
|
13-11-2018 - 11:29 | 05-10-2017 - 01:29 | |
CVE-2017-13011 | 7.5 |
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer overflow in util-print.c:bittok2str_internal().
|
17-05-2018 - 01:29 | 14-09-2017 - 06:29 | |
CVE-2017-11543 | 7.5 |
tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.
|
17-05-2018 - 01:29 | 23-07-2017 - 03:29 | |
CVE-2017-7170 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Security" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app.
|
27-04-2018 - 17:22 | 03-04-2018 - 06:29 | |
CVE-2017-13846 | 10.0 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "PCRE" product. Versions before 8.40 allow remote attackers to cause a denial of service (application crash) or possibly have unsp
|
28-11-2017 - 13:03 | 13-11-2017 - 03:29 | |
CVE-2017-13843 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via
|
28-11-2017 - 13:03 | 13-11-2017 - 03:29 | |
CVE-2017-13832 | 7.5 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "802.1X" component. It allows attackers to have an unspecified impact by leveraging TLS 1.0 support.
|
28-11-2017 - 13:03 | 13-11-2017 - 03:29 | |
CVE-2017-13836 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
|
28-11-2017 - 13:02 | 13-11-2017 - 03:29 | |
CVE-2017-13838 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Sandbox" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) vi
|
28-11-2017 - 13:01 | 13-11-2017 - 03:29 | |
CVE-2017-13840 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
|
28-11-2017 - 12:59 | 13-11-2017 - 03:29 | |
CVE-2017-13841 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
|
28-11-2017 - 12:59 | 13-11-2017 - 03:29 | |
CVE-2017-13842 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
|
28-11-2017 - 12:58 | 13-11-2017 - 03:29 | |
CVE-2017-13834 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via
|
27-11-2017 - 18:43 | 13-11-2017 - 03:29 | |
CVE-2017-7132 | 6.8 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted O
|
27-11-2017 - 18:36 | 13-11-2017 - 03:29 | |
CVE-2017-13820 | 5.8 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ATS" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruptio
|
27-11-2017 - 18:31 | 13-11-2017 - 03:29 | |
CVE-2017-13822 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
|
27-11-2017 - 18:21 | 13-11-2017 - 03:29 | |
CVE-2017-13821 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFString" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
|
27-11-2017 - 18:21 | 13-11-2017 - 03:29 | |
CVE-2017-13823 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "QuickTime" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
|
27-11-2017 - 18:20 | 13-11-2017 - 03:29 | |
CVE-2017-13825 | 6.8 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted fon
|
27-11-2017 - 18:02 | 13-11-2017 - 03:29 | |
CVE-2017-13824 | 6.8 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Open Scripting Architecture" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption)
|
27-11-2017 - 18:02 | 13-11-2017 - 03:29 | |
CVE-2017-13829 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption)
|
27-11-2017 - 18:00 | 13-11-2017 - 03:29 | |
CVE-2017-13830 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HFS" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a
|
27-11-2017 - 17:58 | 13-11-2017 - 03:29 | |
CVE-2017-13831 | 5.8 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service via a crafted image.
|
27-11-2017 - 17:57 | 13-11-2017 - 03:29 | |
CVE-2017-13819 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HelpViewer" component. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML by bypassing
|
27-11-2017 - 17:52 | 13-11-2017 - 03:29 | |
CVE-2017-13818 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
|
27-11-2017 - 17:51 | 13-11-2017 - 03:29 | |
CVE-2017-13817 | 2.1 |
An out-of-bounds read issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows local users to bypass intended memory-read restrictions.
|
27-11-2017 - 17:48 | 13-11-2017 - 03:29 | |
CVE-2017-13816 | 6.8 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application cra
|
27-11-2017 - 17:47 | 13-11-2017 - 03:29 | |
CVE-2017-13814 | 6.8 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application cras
|
27-11-2017 - 17:46 | 13-11-2017 - 03:29 | |
CVE-2017-13815 | 10.0 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "file" product. Versions before 5.31 allow remote attackers to cause a denial of service (application crash) or possibly have unsp
|
27-11-2017 - 17:46 | 13-11-2017 - 03:29 | |
CVE-2017-13813 | 6.8 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application cra
|
27-11-2017 - 17:45 | 13-11-2017 - 03:29 | |
CVE-2017-13812 | 6.8 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application c
|
27-11-2017 - 17:44 | 13-11-2017 - 03:29 | |
CVE-2017-13811 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "fsck_msdos" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption)
|
27-11-2017 - 17:41 | 13-11-2017 - 03:29 | |
CVE-2017-13810 | 2.1 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows local users to obtain sensitive information by leveraging an error in packet counters.
|
27-11-2017 - 17:22 | 13-11-2017 - 03:29 | |
CVE-2017-13809 | 6.8 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "AppleScript" component. It allows remote attackers to execute arbitrary code via a crafted AppleScript file that is mishandled by osadecompil
|
27-11-2017 - 17:21 | 13-11-2017 - 03:29 | |
CVE-2017-13808 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Remote Management" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corr
|
27-11-2017 - 17:21 | 13-11-2017 - 03:29 | |
CVE-2017-13807 | 6.8 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted QuickT
|
27-11-2017 - 16:34 | 13-11-2017 - 03:29 | |
CVE-2017-13800 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "APFS" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a
|
27-11-2017 - 16:28 | 13-11-2017 - 03:29 | |
CVE-2017-13801 | 2.1 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Dictionary Widget" component. It allows attackers to read local files if pasted text is used in a search.
|
27-11-2017 - 16:28 | 13-11-2017 - 03:29 | |
CVE-2016-4736 | 9.3 |
libarchive in Apple OS X before 10.12 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted file.
|
14-11-2017 - 02:29 | 25-09-2016 - 10:59 |