Export limit exceeded: 14263 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14263 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-15752 | 1 Irfanview | 2 Babacad4image, Irfanview | 2025-04-20 | N/A |
| IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000004d6b0." | ||||
| CVE-2017-15259 | 1 Irfanview | 2 Irfanview, Pdf | 2025-04-20 | N/A |
| IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at PDF!xmlParserInputRead+0x000000000011624a." | ||||
| CVE-2017-15252 | 1 Irfanview | 2 Irfanview, Pdf | 2025-04-20 | N/A |
| IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "Read Access Violation on Block Data Move starting at PDF!xmlListWalk+0x00000000000158cb." | ||||
| CVE-2017-15245 | 1 Irfanview | 2 Irfanview, Pdf | 2025-04-20 | N/A |
| IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at PDF!xmlGetGlobalState+0x0000000000057b76." | ||||
| CVE-2017-15243 | 1 Irfanview | 2 Irfanview, Pdf | 2025-04-20 | N/A |
| IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Possible Stack Corruption starting at PDF!xmlGetGlobalState+0x00000000000568a4." | ||||
| CVE-2017-15239 | 1 Irfanview | 2 Irfanview, Pdf | 2025-04-20 | N/A |
| IrfanView 4.44 - 32bit with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address may be used as a return value starting at PDF!xmlParserInputRead+0x0000000000040db4." | ||||
| CVE-2017-14540 | 1 Irfanview | 1 Irfanview | 2025-04-20 | N/A |
| IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x000000000001f23e." | ||||
| CVE-2017-10742 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2025-04-20 | N/A |
| XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x00000000380a0500 called from ntdll_77df0000!LdrxCallInitRoutine+0x0000000000000016." | ||||
| CVE-2014-4616 | 5 Opensuse, Opensuse Project, Python and 2 more | 8 Opensuse, Opensuse, Python and 5 more | 2025-04-20 | 5.9 Medium |
| Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function. | ||||
| CVE-2017-9126 | 1 Libquicktime | 1 Libquicktime | 2025-04-20 | N/A |
| The quicktime_read_dref_table function in dref.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted mp4 file. | ||||
| CVE-2016-5321 | 2 Libtiff, Opensuse | 2 Libtiff, Opensuse | 2025-04-20 | N/A |
| The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image. | ||||
| CVE-2016-8863 | 2 Debian, Libupnp Project | 2 Debian Linux, Libupnp | 2025-04-20 | N/A |
| Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a valid URI followed by an invalid one in the CALLBACK header of an SUBSCRIBE request. | ||||
| CVE-2017-8807 | 3 Debian, Varnish-cache, Varnish Cache Project | 3 Debian Linux, Varnish, Varnish Cache | 2025-04-20 | 9.1 Critical |
| vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFP_GetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore transient objects. | ||||
| CVE-2014-9820 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 7.8 High |
| Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file. | ||||
| CVE-2014-9822 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 7.8 High |
| Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file. | ||||
| CVE-2014-9839 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access). | ||||
| CVE-2014-9913 | 1 Unzip Project | 1 Unzip | 2025-04-20 | N/A |
| Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method. | ||||
| CVE-2017-0108 | 1 Microsoft | 9 Live Meeting, Lync, Office and 6 more | 2025-04-20 | N/A |
| The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Graphics Component Remote Code Execution Vulnerability." This vulnerability is different from that described in CVE-2017-0014. | ||||
| CVE-2014-9925 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In HDR in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | ||||
| CVE-2014-9929 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist. | ||||