Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 2474 entries
IDDescriptionPriorityModified dateFixed Release
CVE-2016-6321 Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER. MEDIUM Dec 9, 2016 10.17.41.1 (Wind River Linux LTS 17)
CVE-2014-9913 Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method. Low Jan 20, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2016-9844 Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via a large compression method value in the central directory file header. LOW Jan 20, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2016-6252 Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap. MEDIUM Feb 22, 2017 10.17.41.11 (Wind River Linux LTS 17)
CVE-2013-7459 Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py. High Feb 23, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2016-4491 The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having itself as ancestor more than once. MEDIUM Feb 24, 2017 10.17.41.11 (Wind River Linux LTS 17)
CVE-2016-10095 Stack-based buffer overflow in the _TIFFVGetField function in tif_dir.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file. MEDIUM Mar 2, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2016-10228 The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and earlier, when invoked with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service. MEDIUM Mar 3, 2017 10.17.41.24 (Wind River Linux LTS 17)
CVE-2017-6508 CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL. MEDIUM Mar 7, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2016-10166 Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable. HIGH Mar 16, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2016-10167 The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file. MEDIUM Mar 16, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2016-10168 Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image. MEDIUM Mar 16, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2016-6906 The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer. MEDIUM Mar 16, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2015-4645 Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow. Medium Mar 21, 2017 10.17.41.3 (Wind River Linux LTS 17)
CVE-2015-8985 The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing. Medium Mar 23, 2017 10.17.41.17 (Wind River Linux LTS 17)
CVE-2017-7206 The ff_h2645_extract_rbsp function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file. MEDIUM Mar 23, 2017 10.17.41.13 (Wind River Linux LTS 17)
CVE-2017-7208 The decode_residual function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file. MEDIUM Mar 23, 2017 10.17.41.3 (Wind River Linux LTS 17)
CVE-2016-1516 OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code. MEDIUM Apr 9, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2016-1517 OpenCV 3.0.0 allows remote attackers to cause a denial of service (segfault) via vectors involving corrupt chunks. MEDIUM Apr 9, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2015-4646 (1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch allow remote attackers to cause a denial of service (application crash) via a crafted input. MEDIUM Apr 13, 2017 10.17.41.13 (Wind River Linux LTS 17)
CVE-2017-7948 Integer overflow in the mark_curve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via a crafted PostScript document. MEDIUM Apr 19, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-7960 The cr_input_new_from_uri function in cr-input.c in libcroco 0.6.11 and 0.6.12 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted CSS file. MEDIUM Apr 19, 2017 10.17.41.3 (Wind River Linux LTS 17)
CVE-2017-7975 Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to a denial of service (application crash) or possibly execution of arbitrary code. MEDIUM Apr 24, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-8361 The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file. MEDIUM May 5, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-8362 The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file. MEDIUM May 5, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-8363 The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file. MEDIUM May 5, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-8365 The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file. MEDIUM May 5, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-8779 rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb. HIGH May 10, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-8872 The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure. MEDIUM May 10, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-6519 avahi-daemon in Avahi through 0.6.32 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809. MEDIUM May 12, 2017 10.17.41.14 (Wind River Linux LTS 17)
CVE-2017-9147 LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in tif_dir.c, which might allow remote attackers to cause a denial of service (crash) via a crafted TIFF file. MEDIUM May 22, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-9224 An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of validation and access in match_at() could result in an out-of-bounds read from a stack buffer. HIGH Jun 2, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-9226 An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of \'\\700\' would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption. HIGH Jun 2, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-9227 An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. Invalid handling of reg->dmin in forward_search_range() could result in an invalid pointer dereference, as an out-of-bounds read from a stack buffer. HIGH Jun 2, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-9228 An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitset_set_range() during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect state transition in parse_char_class() could create an execution path that leaves a critical local variable uninitialized until it\'s used as an index, resulting in an out-of-bounds write memory corruption. HIGH Jun 2, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-9229 An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_search_range() could result in an invalid pointer dereference, normally as an immediate denial-of-service condition. MEDIUM Jun 2, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-9462 In Mercurial before 4.1.3, hg serve --stdio allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name. HIGH Jun 8, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-6892 In libsndfile version 1.0.28, an error in the aiff_read_chanmap() function (aiff.c) can be exploited to cause an out-of-bounds read memory access via a specially crafted AIFF file. MEDIUM Jun 12, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-9778 GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB. MEDIUM Jun 26, 2017 10.17.41.20 (Wind River Linux LTS 17)
CVE-2017-9935 In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_free, memory corruption in t2p_readwrite_pdf_image, or a double free in t2p_free. Given these possibilities, it probably could cause arbitrary code execution. MEDIUM Jun 26, 2017 10.17.41.5 (Wind River Linux LTS 17)
CVE-2017-9936 In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF document can lead to a memory leak resulting in a remote denial of service attack. MEDIUM Jun 26, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-10790 The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack. MEDIUM Jul 1, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-10688 In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tif_dirwrite.c. A crafted input will lead to a remote denial of service attack. Medium Jul 4, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2016-10396 The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in a particular order such that the worst-case computational complexity is realized in the algorithm utilized to determine if reassembly of the fragments can take place. HIGH Jul 6, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-10971 In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events. MEDIUM Jul 6, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-11111 In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. MEDIUM Jul 8, 2017 10.17.41.3 (Wind River Linux LTS 17)
CVE-2017-2820 An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To trigger this vulnerability, a victim must open the malicious PDF in an application using this library. MEDIUM Jul 12, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-7506 spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak. MEDIUM Jul 19, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-9814 cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call. Medium Jul 19, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-11335 There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a remote denial of service attack or an arbitrary code execution attack. Medium Jul 20, 2017 10.17.41.1 (Wind River Linux LTS 17)
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online