Vulnerabilities > Debian > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-09-14 CVE-2017-13687 Out-of-bounds Read vulnerability in multiple products
The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
network
low complexity
tcpdump debian CWE-125
critical
 9.8
9.8
2017-09-14 CVE-2017-13028 Out-of-bounds Read vulnerability in multiple products
The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().
network
low complexity
tcpdump debian CWE-125
critical
 9.8
9.8
2017-09-14 CVE-2017-13024 Out-of-bounds Read vulnerability in multiple products
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
network
low complexity
tcpdump debian CWE-125
critical
 9.8
9.8
2017-09-14 CVE-2017-13020 Out-of-bounds Read vulnerability in multiple products
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
network
low complexity
tcpdump debian CWE-125
critical
 9.8
9.8
2017-09-14 CVE-2017-13004 Out-of-bounds Read vulnerability in multiple products
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().
network
low complexity
tcpdump debian CWE-125
critical
 9.8
9.8
2017-09-14 CVE-2017-12987 Out-of-bounds Read vulnerability in multiple products
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
network
low complexity
tcpdump redhat debian CWE-125
critical
 9.8
9.8
2017-09-14 CVE-2017-12902 Out-of-bounds Read vulnerability in multiple products
The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.
network
low complexity
tcpdump redhat debian CWE-125
critical
 9.8
9.8
2017-09-14 CVE-2017-12899 Out-of-bounds Read vulnerability in multiple products
The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
network
low complexity
tcpdump redhat debian CWE-125
critical
 9.8
9.8
2017-09-14 CVE-2017-12896 Out-of-bounds Read vulnerability in multiple products
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().
network
low complexity
tcpdump redhat debian CWE-125
critical
 9.8
9.8
2017-09-03 CVE-2017-14122 Out-of-bounds Read vulnerability in multiple products
unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp.
network
low complexity
rarlab debian CWE-125
critical
 9.1
9.1