Export limit exceeded: 366668 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (46499 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-15825 1 Google 1 Android 2024-11-21 N/A
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a gpt update, an out of bounds memory access may potentially occur.
CVE-2017-15823 1 Google 1 Android 2024-11-21 N/A
In spectral_create_samp_msg() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-11, some values from firmware are not properly validated potentially leading to a buffer overflow.
CVE-2017-15822 1 Google 1 Android 2024-11-21 N/A
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while processing a 802.11 management frame, a buffer overflow may potentially occur.
CVE-2017-15821 1 Google 1 Android 2024-11-21 N/A
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the function wma_p2p_noa_event_handler(), there is no bound check on a value coming from firmware which can potentially lead to a buffer overwrite.
CVE-2017-15818 1 Google 1 Android 2024-11-21 N/A
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while loading a user application in qseecom, an integer overflow could potentially occur if the application partition size is rounded up to page_size.
CVE-2017-15815 1 Google 1 Android 2024-11-21 N/A
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a potential buffer overflow can happen when processing any 802.11 MGMT frames like Auth frame in limProcessAuthFrame.
CVE-2017-15814 1 Google 1 Android 2024-11-21 N/A
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in msm_flash_subdev_do_ioctl of drivers/media/platform/msm/camera_v2/sensor/flash/msm_flash.c, there is a possible out of bounds read if flash_data.cfg_type is CFG_FLASH_INIT due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
CVE-2017-15655 1 Asus 1 Asuswrt 2024-11-21 N/A
Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. All have been fixed in version 3.0.0.4.378, but this vulnerability was not previously disclosed. Some end-of-life routers have this version as the newest and thus are vulnerable at this time. This vulnerability allows for RCE with administrator rights when the administrator visits several pages.
CVE-2017-15428 1 Google 1 Chrome 2024-11-21 N/A
Insufficient data validation in V8 builtins string generator could lead to out of bounds read and write access in V8 in Google Chrome prior to 62.0.3202.94 and allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2017-15422 5 Canonical, Debian, Google and 2 more 8 Ubuntu Linux, Debian Linux, Chrome and 5 more 2024-11-21 N/A
Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-15418 3 Debian, Google, Redhat 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more 2024-11-21 N/A
Use of uninitialized memory in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2017-15417 3 Debian, Google, Redhat 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more 2024-11-21 N/A
Inappropriate implementation in Skia canvas composite operations in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2017-15416 3 Debian, Google, Redhat 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more 2024-11-21 N/A
Heap buffer overflow in Blob API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka a Blink out-of-bounds read.
CVE-2017-15415 3 Debian, Google, Redhat 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more 2024-11-21 N/A
Incorrect serialization in IPC in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the value of a pointer via a crafted HTML page.
CVE-2017-15409 3 Debian, Google, Redhat 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more 2024-11-21 N/A
Heap buffer overflow in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2017-15408 3 Debian, Google, Redhat 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more 2024-11-21 N/A
Heap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file that is mishandled by PDFium.
CVE-2017-15406 2 Google, Redhat 2 Chrome, Rhel Extras 2024-11-21 N/A
A stack buffer overflow in V8 in Google Chrome prior to 62.0.3202.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-15401 1 Google 1 Chrome 2024-11-21 N/A
A memory corruption bug in WebAssembly could lead to out of bounds read and write through V8 in WebAssembly in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2017-15398 3 Debian, Google, Redhat 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more 2024-11-21 N/A
A stack buffer overflow in the QUIC networking stack in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to gain code execution via a malicious server.
CVE-2017-15396 4 Debian, Google, Icu-project and 1 more 7 Debian Linux, Chrome, International Components For Unicode and 4 more 2024-11-21 N/A
A stack buffer overflow in NumberingSystem in International Components for Unicode (ICU) for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.