Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 20907 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20907 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-10989 | 1 Sqlite | 1 Sqlite | 2025-04-20 | N/A |
| The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact. | ||||
| CVE-2017-6828 | 1 Audiofile | 1 Audiofile | 2025-04-20 | N/A |
| Heap-based buffer overflow in the readValue function in FileHandle.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted WAV file. | ||||
| CVE-2017-9469 | 2 Debian, Irssi | 2 Debian Linux, Irssi | 2025-04-20 | N/A |
| In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory. Thus, remote attackers might be able to cause a crash. | ||||
| CVE-2017-12704 | 1 Advantech | 1 Webaccess | 2025-04-20 | N/A |
| A heap-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validation of the length of user-supplied data prior to copying it to the heap-based buffer, which could allow an attacker to execute arbitrary code under the context of the process. | ||||
| CVE-2017-6840 | 1 Podofo Project | 1 Podofo | 2025-04-20 | N/A |
| The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (invalid read) via a crafted file. | ||||
| CVE-2017-5335 | 3 Gnu, Opensuse, Redhat | 3 Gnutls, Leap, Enterprise Linux | 2025-04-20 | N/A |
| The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate. | ||||
| CVE-2017-14151 | 2 Debian, Uclouvain | 2 Debian Linux, Openjpeg | 2025-04-20 | 8.8 High |
| An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_data in lib/openjp2/tcd.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_mqc_flush in lib/openjp2/mqc.c and opj_t1_encode_cblk in lib/openjp2/t1.c) or possibly remote code execution. | ||||
| CVE-2017-12732 | 1 Ge | 1 Intelligent Platforms Proficy Hmi\/scada Cimplicity | 2025-04-20 | N/A |
| A Stack-based Buffer Overflow issue was discovered in GE CIMPLICITY Versions 9.0 and prior. A function reads a packet to indicate the next packet length. The next packet length is not verified, allowing a buffer overwrite that could lead to an arbitrary remote code execution. | ||||
| CVE-2017-11639 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c, related to the GetPixelLuma function in MagickCore/pixel-accessor.h. | ||||
| CVE-2017-14132 | 2 Debian, Jasper Project | 2 Debian Linux, Jasper | 2025-04-20 | N/A |
| JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jas_image_ishomosamp function in libjasper/base/jas_image.c. | ||||
| CVE-2017-6834 | 2 Audiofile, Debian | 2 Audiofile, Debian Linux | 2025-04-20 | 5.5 Medium |
| Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file. | ||||
| CVE-2017-6836 | 2 Audiofile, Debian | 2 Audiofile, Debian Linux | 2025-04-20 | 5.5 Medium |
| Heap-based buffer overflow in the Expand3To4Module::run function in libaudiofile/modules/SimpleModule.h in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 allows remote attackers to cause a denial of service (crash) via a crafted file. | ||||
| CVE-2016-7567 | 1 Openslp | 1 Openslp | 2025-04-20 | 9.8 Critical |
| Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compare.c in OpenSLP 2.0 allows remote attackers to have unspecified impact via a crafted string. | ||||
| CVE-2017-14491 | 13 Arista, Arubanetworks, Canonical and 10 more | 35 Eos, Arubaos, Ubuntu Linux and 32 more | 2025-04-20 | 9.8 Critical |
| Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. | ||||
| CVE-2014-8562 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read). | ||||
| CVE-2017-14493 | 5 Canonical, Debian, Opensuse and 2 more | 9 Ubuntu Linux, Debian Linux, Leap and 6 more | 2025-04-20 | N/A |
| Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request. | ||||
| CVE-2016-10065 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2025-04-20 | N/A |
| The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. | ||||
| CVE-2017-13875 | 1 Apple | 1 Mac Os X | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a crafted app. | ||||
| CVE-2016-10071 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 5.5 Medium |
| coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file. | ||||
| CVE-2017-9740 | 1 Artifex | 1 Ghostscript Ghostxps | 2025-04-20 | N/A |
| The xps_decode_font_char_imp function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | ||||