Show filters
188 Total Results
Displaying 141-150 of 188
Sort by:
Attacker Value
Unknown

CVE-2017-14491

Disclosure Date: October 04, 2017 (last updated January 15, 2025)
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2017-14496

Disclosure Date: October 03, 2017 (last updated November 08, 2023)
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
0
0
Attacker Value
Unknown

CVE-2017-14494

Disclosure Date: October 03, 2017 (last updated November 08, 2023)
dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.
0
0
Attacker Value
Unknown

CVE-2017-13704

Disclosure Date: October 03, 2017 (last updated November 08, 2023)
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.
0
0
Attacker Value
Unknown

CVE-2017-14493

Disclosure Date: October 03, 2017 (last updated November 08, 2023)
Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.
0
0
Attacker Value
Unknown

CVE-2017-14495

Disclosure Date: October 03, 2017 (last updated November 08, 2023)
Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.
0
0
Attacker Value
Unknown

CVE-2017-14492

Disclosure Date: October 03, 2017 (last updated November 08, 2023)
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.
0
0
Attacker Value
Unknown

CVE-2017-12836

Disclosure Date: August 24, 2017 (last updated November 26, 2024)
CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."
0
0
Attacker Value
Unknown

CVE-2017-7980

Disclosure Date: July 25, 2017 (last updated November 26, 2024)
Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation.
0
0
Attacker Value
Unknown

CVE-2017-9735

Disclosure Date: June 16, 2017 (last updated November 08, 2023)
Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous  Next >