Total
6807 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-125020 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 6.8 MEDIUM | 7.3 HIGH |
| A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125015 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 6.8 MEDIUM | 7.3 HIGH |
| A vulnerability classified as critical has been found in FFmpeg 2.0. Affected is the function read_var_block_data. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2013-5659 | 1 Info-zip | 1 Wiz | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Wiz 5.0.3 has a user mode write access violation | |||||
| CVE-2013-5656 | 1 Fuzezip Project | 1 Fuzezip | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| FuzeZip 1.0.0.131625 has a Local Buffer Overflow vulnerability | |||||
| CVE-2013-3946 | 1 Extensis | 1 Mrsid | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a levels header. | |||||
| CVE-2013-3944 | 1 Extensis | 1 Mrsid | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via an IMAGE tag. | |||||
| CVE-2013-3939 | 1 Xnview | 1 Xnview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow. | |||||
| CVE-2013-3937 | 1 Xnview | 1 Xnview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute arbitrary code via the biBitCount field in a BMP file. | |||||
| CVE-2013-3247 | 1 Xnview | 1 Xnview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted RLE compressed layer in an XCF file. | |||||
| CVE-2013-3246 | 1 Xnview | 1 Xnview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Stack-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted image layer in an XCF file. | |||||
| CVE-2012-4980 | 1 Toshiba | 1 Configfree Utility | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Multiple stack-based buffer overflows in CFProfile.exe in Toshiba ConfigFree Utility 8.0.38 allow user-assisted attackers to execute arbitrary code. | |||||
| CVE-2012-0951 | 1 Nvidia | 1 Display Driver | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| A Memory Corruption Vulnerability exists in NVIDIA Graphics Drivers 29549 due to an unknown function in the file proc/driver/nvidia/registry. | |||||
| CVE-2011-3630 | 3 Debian, Hardlink Project, Redhat | 3 Debian Linux, Hardlink, Enterprise Linux | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable. | |||||
| CVE-2011-0699 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value. | |||||
| CVE-2024-23715 | 1 Google | 1 Android | 2024-11-20 | N/A | 7.8 HIGH |
| In PMRWritePMPageList of pmr.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-49528 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-11-18 | N/A | 7.8 HIGH |
| Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-47907 | 1 Ivanti | 1 Connect Secure | 2024-11-18 | N/A | 7.5 HIGH |
| A stack-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service. | |||||
| CVE-2024-49509 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-11-16 | N/A | 7.8 HIGH |
| InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-49508 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-11-16 | N/A | 7.8 HIGH |
| InDesign Desktop versions ID18.5.2, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-49507 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-11-16 | N/A | 7.8 HIGH |
| InDesign Desktop versions ID18.5.2, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||