Search Results (3375 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-1988 2 Redhat, X 2 Enterprise Linux, Libxres 2025-04-11 N/A
Multiple integer overflows in X.org libXRes 1.0.6 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XResQueryClients and (2) XResQueryClientResources functions.
CVE-2010-2519 5 Apple, Canonical, Debian and 2 more 5 Mac Os X, Ubuntu Linux, Debian Linux and 2 more 2025-04-11 N/A
Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file.
CVE-2010-2520 4 Apple, Canonical, Debian and 1 more 4 Mac Os X, Ubuntu Linux, Debian Linux and 1 more 2025-04-11 N/A
Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
CVE-2013-1987 4 Canonical, Opensuse, Redhat and 1 more 4 Ubuntu Linux, Opensuse, Enterprise Linux and 1 more 2025-04-11 N/A
Multiple integer overflows in X.org libXrender 0.9.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRenderQueryFilters, (2) XRenderQueryFormats, and (3) XRenderQueryPictIndexValues functions.
CVE-2010-2806 4 Apple, Canonical, Freetype and 1 more 6 Iphone Os, Mac Os X, Tvos and 3 more 2025-04-11 N/A
Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow.
CVE-2013-1984 2 Redhat, X.org 2 Enterprise Linux, Libxi 2025-04-11 N/A
Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions.
CVE-2013-1982 2 Redhat, X 2 Enterprise Linux, Libxext 2025-04-11 N/A
Multiple integer overflows in X.org libXext 1.3.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XcupGetReservedColormapEntries, (2) XcupStoreColors, (3) XdbeGetVisualInfo, (4) XeviGetVisualInfo, (5) XShapeGetRectangles, and (6) XSyncListSystemCounters functions.
CVE-2012-2665 5 Apache, Canonical, Debian and 2 more 11 Openoffice, Ubuntu Linux, Debian Linux and 8 more 2025-04-11 N/A
Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Open Document Text (.odt) file with (1) a child tag within an incorrect parent tag, (2) duplicate tags, or (3) a Base64 ChecksumAttribute whose length is not evenly divisible by four.
CVE-2013-1978 3 Gimp, Gnome, Redhat 3 Gimp, Glib, Enterprise Linux 2025-04-11 N/A
Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an X Window System (XWD) image dump with more colors than color map entries.
CVE-2013-1981 3 Canonical, Redhat, X 3 Ubuntu Linux, Enterprise Linux, Libx11 2025-04-11 N/A
Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions.
CVE-2011-1167 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2025-04-11 N/A
Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value.
CVE-2013-2001 2 Redhat, X 2 Enterprise Linux, Libxxf86vm 2025-04-11 N/A
Buffer overflow in X.org libXxf86vm 1.1.2 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XF86VidModeGetGammaRamp function.
CVE-2013-2002 2 Redhat, X 2 Enterprise Linux, Libxt 2025-04-11 N/A
Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the _XtResourceConfigurationEH function.
CVE-2013-2003 2 Redhat, X 2 Enterprise Linux, Libxcursor 2025-04-11 N/A
Integer overflow in X.org libXcursor 1.1.13 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the _XcursorFileHeaderCreate function.
CVE-2012-3403 2 Gimp, Redhat 2 Gimp, Enterprise Linux 2025-04-11 N/A
Heap-based buffer overflow in the KiSS CEL file format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted KiSS palette file, which triggers an "invalid free."
CVE-2013-2174 4 Canonical, Haxx, Opensuse and 1 more 5 Ubuntu Linux, Curl, Libcurl and 2 more 2025-04-11 N/A
Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character.
CVE-2013-4243 3 Debian, Libtiff, Redhat 3 Debian Linux, Libtiff, Enterprise Linux 2025-04-11 N/A
Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image.
CVE-2013-4298 1 Imagemagick 1 Imagemagick 2025-04-11 N/A
The ReadGIFImage function in coders/gif.c in ImageMagick before 6.7.8-8 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted comment in a GIF image.
CVE-2012-0804 2 Cvs, Redhat 2 Cvs, Enterprise Linux 2025-04-11 N/A
Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.
CVE-2012-3401 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2025-04-11 N/A
The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.