Search Results (14738 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-9831 1 Libming 1 Libming 2025-04-20 N/A
Heap-based buffer overflow in the parseSWF_RGBA function in parser.c in the listswf tool in libming 0.4.7 allows remote attackers to have unspecified impact via a crafted SWF file.
CVE-2016-2148 3 Busybox, Canonical, Debian 3 Busybox, Ubuntu Linux, Debian Linux 2025-04-20 9.8 Critical
Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing.
CVE-2017-11115 1 Openexif Project 1 Openexif 2025-04-20 N/A
The ExifJpegHUFFTable::deriveTable function in ExifHuffmanTable.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted jpg file.
CVE-2013-4659 2 Asus, Trendnet 4 Rt-ac66u, Rt-ac66u Firmware, Tew-812dru and 1 more 2025-04-20 N/A
Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. This component is used on routers of multiple vendors including ASUS RT-AC66U and TRENDnet TEW-812DRU.
CVE-2017-0470 1 Google 1 Android 2025-04-20 N/A
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33818500.
CVE-2017-0471 1 Google 1 Android 2025-04-20 N/A
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33816782.
CVE-2016-10046 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
CVE-2017-17866 2 Artifex, Debian 2 Mupdf, Debian Linux 2025-04-20 N/A
pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document.
CVE-2016-10040 1 Qt 1 Qxmlsimplereader 2025-04-20 N/A
Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags.
CVE-2014-9474 2 Mpfr, Redhat 2 Gnu Mpfr, Rhel Els 2025-04-20 N/A
Buffer overflow in the mpfr_strtofr function in GNU MPFR before 3.1.2-p11 allows context-dependent attackers to have unspecified impact via vectors related to incorrect documentation for mpn_set_str.
CVE-2017-0476 1 Google 1 Android 2025-04-20 N/A
A remote code execution vulnerability in AOSP Messaging could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as High due to the possibility of remote code execution within the context of an unprivileged process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33388925.
CVE-2017-15597 1 Xen 1 Xen 2025-04-20 N/A
An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a grant of a dying domain, the assumption turns out wrong. A malicious guest administrator can cause hypervisor memory corruption, most likely resulting in host crash and a Denial of Service. Privilege escalation and information leaks cannot be ruled out.
CVE-2017-5706 1 Intel 1 Server Platform Services Firmware 2025-04-20 N/A
Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code.
CVE-2017-13731 1 Gnu 1 Ncurses 2025-04-20 N/A
There is an illegal address access in the function postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack.
CVE-2014-7859 2 D-link, Dlink 10 Dnr-320l Firmware, Dnr-326 Firmware, Dns-320lw Firmware and 7 more 2025-04-20 N/A
Stack-based buffer overflow in login_mgr.cgi in D-Link firmware DNR-320L and DNS-320LW before 1.04b08, DNR-322L before 2.10 build 03, DNR-326 before 2.10 build 03, and DNS-327L before 1.04b01 allows remote attackers to execute arbitrary code by crafting malformed "Host" and "Referer" header values.
CVE-2016-8863 2 Debian, Libupnp Project 2 Debian Linux, Libupnp 2025-04-20 N/A
Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a valid URI followed by an invalid one in the CALLBACK header of an SUBSCRIBE request.
CVE-2014-6354 1 Microsoft 1 Internet Explorer 2025-04-20 N/A
Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 allows remote attackers to execute arbitrary code.
CVE-2016-10164 2 Redhat, X.org 2 Enterprise Linux, Libxpm 2025-04-20 N/A
Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM file, which triggers a heap-based buffer overflow.
CVE-2017-9169 1 Autotrace Project 1 Autotrace 2025-04-20 N/A
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:355:25.
CVE-2017-8834 2 Gnome, Opensuse 2 Libcroco, Leap 2025-04-20 6.5 Medium
The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (memory allocation error) via a crafted CSS file.