Export limit exceeded: 14753 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14753 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-5157 | 4 Fedoraproject, Google, Opensuse and 1 more | 4 Fedora, Chrome, Leap and 1 more | 2025-04-12 | N/A |
| Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute arbitrary code via crafted coordinate values in JPEG 2000 data. | ||||
| CVE-2016-2857 | 4 Canonical, Debian, Qemu and 1 more | 12 Ubuntu Linux, Debian Linux, Qemu and 9 more | 2025-04-12 | 8.4 High |
| The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet. | ||||
| CVE-2016-2819 | 5 Canonical, Debian, Mozilla and 2 more | 6 Ubuntu Linux, Debian Linux, Firefox and 3 more | 2025-04-12 | N/A |
| Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element. | ||||
| CVE-2015-6359 | 1 Cisco | 1 Ios | 2025-04-12 | N/A |
| The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS 15.3(3)S0.1 on ASR devices mishandles internal tables, which allows remote attackers to cause a denial of service (memory consumption or device crash) via a flood of crafted ND messages, aka Bug ID CSCup28217. | ||||
| CVE-2016-5154 | 3 Google, Opensuse, Redhat | 3 Chrome, Leap, Rhel Extras | 2025-04-12 | N/A |
| Multiple heap-based buffer overflows in PDFium, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JBig2 image. | ||||
| CVE-2016-4998 | 4 Canonical, Linux, Oracle and 1 more | 6 Ubuntu Linux, Linux Kernel, Linux and 3 more | 2025-04-12 | N/A |
| The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary. | ||||
| CVE-2015-8662 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | N/A |
| The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before proceeding with Discrete Wavelet Transform decoding, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data. | ||||
| CVE-2014-8547 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2025-04-12 | N/A |
| libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image heights, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted GIF data. | ||||
| CVE-2015-5225 | 3 Fedoraproject, Qemu, Redhat | 4 Fedora, Qemu, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the server display surface. | ||||
| CVE-2015-5156 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt | 2025-04-12 | N/A |
| The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets. | ||||
| CVE-2015-5147 | 1 Redcarpet Project | 1 Redcarpet | 2025-04-12 | N/A |
| Stack-based buffer overflow in the header_anchor function in the HTML renderer in Redcarpet before 3.3.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | ||||
| CVE-2014-9912 | 1 Php | 1 Php | 2025-04-12 | N/A |
| The get_icu_disp_value_src_php function in ext/intl/locale/locale_methods.c in PHP before 5.3.29, 5.4.x before 5.4.30, and 5.5.x before 5.5.14 does not properly restrict calls to the ICU uresbund.cpp component, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a locale_get_display_name call with a long first argument. | ||||
| CVE-2015-5129 | 6 Adobe, Apple, Linux and 3 more | 9 Air, Air Sdk, Air Sdk \& Compiler and 6 more | 2025-04-12 | N/A |
| Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5541. | ||||
| CVE-2015-5125 | 5 Adobe, Apple, Linux and 2 more | 8 Air, Air Sdk, Air Sdk \& Compiler and 5 more | 2025-04-12 | N/A |
| Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2016-1767 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1768. | ||||
| CVE-2016-7287 | 1 Microsoft | 2 Edge, Internet Explorer | 2025-04-12 | N/A |
| The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | ||||
| CVE-2015-5993 | 1 Philippine Long Distance Telephone | 4 Kasda Kw58293, Kasda Kw58293 Firmware, Speedsurf 504an and 1 more | 2025-04-12 | N/A |
| Buffer overflow in form2ping.cgi on Philippine Long Distance Telephone (PLDT) SpeedSurf 504AN devices with firmware GAN9.8U26-4-TX-R6B018-PH.EN and Kasda KW58293 devices allows remote attackers to cause a denial of service (device outage) via a long ipaddr parameter. | ||||
| CVE-2015-7111 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-12 | N/A |
| The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7112. | ||||
| CVE-2015-4695 | 2 Redhat, Wvware | 2 Enterprise Linux, Libwmf | 2025-04-12 | N/A |
| meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file. | ||||
| CVE-2016-7240 | 1 Microsoft | 1 Edge | 2025-04-12 | N/A |
| The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7242, and CVE-2016-7243. | ||||