Export limit exceeded: 20907 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20907 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-8278 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, while reading audio data from an unspecified driver, a buffer overflow or integer overflow could occur. | ||||
| CVE-2017-8312 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2025-04-20 | N/A |
| Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file. | ||||
| CVE-2017-8313 | 1 Videolan | 1 Vlc Media Player | 2025-04-20 | N/A |
| Heap out-of-bound read in ParseJSS in VideoLAN VLC before 2.2.5 due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process via a crafted subtitles file. | ||||
| CVE-2017-8845 | 1 Long Range Zip Project | 1 Long Range Zip | 2025-04-20 | 5.5 Medium |
| The lzo1x_decompress function in lzo1x_d.ch in LZO 2.08, as used in lrzip 0.631, allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted archive. | ||||
| CVE-2017-3735 | 3 Debian, Openssl, Redhat | 3 Debian Linux, Openssl, Enterprise Linux | 2025-04-20 | N/A |
| While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g. | ||||
| CVE-2017-5209 | 1 Libimobiledevice | 1 Libplist | 2025-04-20 | N/A |
| The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data. | ||||
| CVE-2017-6883 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2025-04-20 | N/A |
| The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image. The vulnerability could lead to information disclosure; an attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. | ||||
| CVE-2017-6458 | 4 Apple, Hpe, Ntp and 1 more | 5 Mac Os X, Hpux-ntp, Ntp and 2 more | 2025-04-20 | 8.8 High |
| Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable. | ||||
| CVE-2014-9839 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access). | ||||
| CVE-2014-9822 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 7.8 High |
| Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file. | ||||
| CVE-2014-9820 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 7.8 High |
| Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file. | ||||
| CVE-2016-10350 | 1 Libarchive | 1 Libarchive | 2025-04-20 | N/A |
| The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | ||||
| CVE-2017-2814 | 1 Freedesktop | 1 Poppler | 2025-04-20 | N/A |
| An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF file can be used to trigger this vulnerability. | ||||
| CVE-2017-2818 | 1 Freedesktop | 1 Poppler | 2025-04-20 | N/A |
| An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability. | ||||
| CVE-2017-9618 | 1 Artifex | 1 Ghostscript Ghostxps | 2025-04-20 | N/A |
| The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted document. | ||||
| CVE-2017-9620 | 1 Artifex | 1 Ghostscript Ghostxps | 2025-04-20 | N/A |
| The xps_select_font_encoding function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document, related to the xps_encode_font_char_imp function. | ||||
| CVE-2016-7837 | 1 Bluez | 1 Bluez | 2025-04-20 | N/A |
| Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some userland utilities. | ||||
| CVE-2016-4483 | 4 Debian, Oracle, Redhat and 1 more | 4 Debian Linux, Solaris, Jboss Core Services and 1 more | 2025-04-20 | 7.5 High |
| The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627. | ||||
| CVE-2017-6834 | 2 Audiofile, Debian | 2 Audiofile, Debian Linux | 2025-04-20 | 5.5 Medium |
| Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file. | ||||
| CVE-2017-6832 | 2 Audiofile, Debian | 2 Audiofile, Debian Linux | 2025-04-20 | 5.5 Medium |
| Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file. | ||||