Skip to main content
CVE-2017-13054 CRITICAL PATCH Act Now

The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2017-13053 CRITICAL PATCH Act Now

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2017-13049 CRITICAL PATCH Act Now

The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.0
9.8
EPSS
0.6%
CVE-2017-13048 CRITICAL PATCH Act Now

The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2017-13039 CRITICAL PATCH Act Now

The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.0
9.8
EPSS
0.6%
CVE-2017-13035 CRITICAL PATCH Act Now

The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2017-13034 CRITICAL PATCH Act Now

The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2017-13032 CRITICAL PATCH Act Now

The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.0
9.8
EPSS
0.6%
CVE-2017-13031 CRITICAL PATCH Act Now

The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2017-13029 CRITICAL PATCH Act Now

The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.0
9.8
EPSS
0.6%
CVE-2017-13025 CRITICAL PATCH Act Now

The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2017-13023 CRITICAL PATCH Act Now

The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.0
9.8
EPSS
0.6%
CVE-2017-13022 CRITICAL PATCH Act Now

The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2017-13001 CRITICAL PATCH Act Now

The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2017-12991 CRITICAL PATCH Act Now

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.0
9.8
EPSS
0.6%
CVE-2017-12897 CRITICAL PATCH Act Now

The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2017-12893 CRITICAL PATCH Act Now

The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2017-13046 CRITICAL PATCH Act Now

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-13036 CRITICAL PATCH Act Now

The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-14482 HIGH PATCH This Week

GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Emacs Debian Linux
NVD
CVSS 3.0
8.8
EPSS
4.6%
CVE-2017-1002011 MEDIUM POC This Month

Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, There is a stored XSS vulnerability via the $value->gallery_name and $value->gallery_description where anyone with privileges to. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Image Gallery With Slideshow
NVD
CVSS 3.0
5.4
EPSS
0.9%
CVE-2017-1002024 MEDIUM POC PATCH This Month

Vulnerability in web application Kind Editor v4.1.12, kindeditor/php/upload_json.php does not check authentication before allow users to upload files. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass PHP Kind Editor Kindeditor
NVD GitHub
CVSS 3.0
4.3
EPSS
0.3%
CVE-2017-12989 HIGH PATCH This Week

The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length(). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Tcpdump
NVD GitHub
CVSS 3.0
7.5
EPSS
1.1%
CVE-2017-1002151 HIGH PATCH This Week

Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due to improper authorization. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Pagure
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2017-13761 MEDIUM PATCH This Month

The Fastly CDN module before 1.2.26 for Magento2, when used with a third-party authentication plugin, might allow remote authenticated users to obtain sensitive information from authenticated. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Fastly
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-1002100 MEDIUM PATCH This Month

Default access permissions for Persistent Volumes (PVs) created by the Kubernetes Azure cloud provider in versions 1.6.0 to 1.6.5 are set to "container" which exposes a URI that can be accessed. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Kubernetes Information Disclosure
NVD GitHub
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-0783 MEDIUM PATCH This Month

A information disclosure vulnerability in the Android system (bluetooth). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Information Disclosure Android
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-1002150 MEDIUM PATCH This Month

python-fedora 0.8.0 and lower is vulnerable to an open redirect resulting in loss of CSRF protection. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Open Redirect Python CSRF Python Fedora
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-1490 MEDIUM PATCH This Month

An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 6.0 through 6.0.4 could disclose highly sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Jazz Reporting Service
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2015-7553 MEDIUM This Month

Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt and Red Hat Enterprise MRG 2, when the nfnetlink_log module is loaded, allows local users to cause a denial of service (panic) by. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Race Condition Linux Red Hat Enterprise Linux +2
NVD
CVSS 3.0
4.7
EPSS
0.0%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy