Export limit exceeded: 14740 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (14740 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-15248 1 Irfanview 2 Irfanview, Pdf 2025-04-20 N/A
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlGetGlobalState+0x0000000000063ca6."
CVE-2016-4796 2 Fedoraproject, Uclouvain 2 Fedora, Openjpeg 2025-04-20 N/A
Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file.
CVE-2017-6887 1 Libraw 1 Libraw 2025-04-20 N/A
A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs.
CVE-2016-1558 1 Dlink 20 Dap-2230, Dap-2230 Firmware, Dap-2310 and 17 more 2025-04-20 N/A
Buffer overflow in D-Link DAP-2310 2.06 and earlier, DAP-2330 1.06 and earlier, DAP-2360 2.06 and earlier, DAP-2553 H/W ver. B1 3.05 and earlier, DAP-2660 1.11 and earlier, DAP-2690 3.15 and earlier, DAP-2695 1.16 and earlier, DAP-3320 1.00 and earlier, and DAP-3662 1.01 and earlier allows remote attackers to have unspecified impact via a crafted 'dlink_uid' cookie.
CVE-2017-15253 1 Irfanview 2 Irfanview, Pdf 2025-04-20 N/A
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "User Mode Write AV starting at PDF!xmlGetGlobalState+0x000000000007dff2."
CVE-2017-8339 1 Watchguard 1 Panda Antivirus 2025-04-20 5.5 Medium
PSKMAD.sys in Panda Free Antivirus 18.0 allows local users to cause a denial of service (BSoD) via a crafted DeviceIoControl request to \\.\PSMEMDriver.
CVE-2017-1000073 1 Creolabs 1 Gravity 2025-04-20 N/A
Creolabs Gravity version 1.0 is vulnerable to a heap overflow in an undisclosed component that can result in arbitrary code execution.
CVE-2017-0020 1 Microsoft 2 Excel, Office Web Apps 2025-04-20 N/A
Microsoft Excel 2016, Excel 2010 SP2, Excel 2013 RT SP1, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0006, CVE-2017-0019, CVE-2017-0030, CVE-2017-0031, CVE-2017-0052, and CVE-2017-0053.
CVE-2017-0023 1 Microsoft 5 Edge, Windows 10, Windows 8.1 and 2 more 2025-04-20 N/A
The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 and R2; Windows RT 8.1; and Windows 10, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerability."
CVE-2017-0103 1 Microsoft 4 Windows 7, Windows Server 2008, Windows Server 2012 and 1 more 2025-04-20 N/A
The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 mishandles registry objects in memory, which allows local users to gain privileges via a crafted application, aka "Windows Registry Elevation of Privilege Vulnerability."
CVE-2017-6827 1 Audiofile 1 Audiofile 2025-04-20 N/A
Heap-based buffer overflow in the MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted audio file.
CVE-2017-3882 1 Cisco 17 Rv042, Rv042g, Rv082 and 14 more 2025-04-20 N/A
A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition. The remote code execution could occur with root privileges. The vulnerability is due to incomplete range checks of the UPnP input data, which could result in a buffer overflow. An attacker could exploit this vulnerability by sending a malicious request to the UPnP listening port of the targeted device. An exploit could allow the attacker to cause the device to reload or potentially execute arbitrary code with root privileges. This vulnerability affects all firmware releases of the Cisco CVR100W Wireless-N VPN Router prior to Firmware Release 1.0.1.22. Cisco Bug IDs: CSCuz72642.
CVE-2017-0108 1 Microsoft 9 Live Meeting, Lync, Office and 6 more 2025-04-20 N/A
The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Graphics Component Remote Code Execution Vulnerability." This vulnerability is different from that described in CVE-2017-0014.
CVE-2017-7091 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2025-04-20 N/A
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7100 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2025-04-20 N/A
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2014-9819 1 Imagemagick 1 Imagemagick 2025-04-20 7.8 High
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823.
CVE-2017-6191 1 Apng Disassembler Project 1 Apng Disassembler 2025-04-20 N/A
Buffer overflow in APNGDis 2.8 and below allows a remote attacker to execute arbitrary code via a crafted filename.
CVE-2017-8869 1 Mediacoder 1 Mediacoder 2025-04-20 N/A
Buffer overflow in MediaCoder 0.8.48.5888 allows remote attackers to execute arbitrary code via a crafted .m3u file.
CVE-2017-11115 1 Openexif Project 1 Openexif 2025-04-20 N/A
The ExifJpegHUFFTable::deriveTable function in ExifHuffmanTable.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted jpg file.
CVE-2017-11548 1 Xiph 1 Libao 2025-04-20 5.5 Medium
The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service (memory corruption) via a crafted MP3 file.