Total
12126 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-2142 | 1 Iodata | 2 Wn-g300r3, Wn-g300r3 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow in WN-G300R3 firmware Ver.1.03 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2017-8361 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file. | |||||
| CVE-2016-6671 | 1 Ffmpeg | 1 Ffmpeg | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| The raw_decode function in libavcodec/rawdec.c in FFmpeg before 3.1.2 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted SWF file. | |||||
| CVE-2017-0587 | 1 Google | 1 Android | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability in libmpeg2 in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35219737. | |||||
| CVE-2017-5204 | 3 Debian, Redhat, Tcpdump | 8 Debian Linux, Enterprise Linux Desktop, Enterprise Linux Server and 5 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print(). | |||||
| CVE-2016-7289 | 1 Microsoft | 1 Publisher | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Publisher 2010 SP2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." | |||||
| CVE-2016-7230 | 1 Microsoft | 3 Office Web Apps, Powerpoint, Powerpoint Viewer | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| Microsoft PowerPoint 2010 SP2, PowerPoint Viewer, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | |||||
| CVE-2017-0234 | 1 Microsoft | 1 Edge | 2024-02-04 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238. | |||||
| CVE-2016-6042 | 1 Ibm | 1 Security Appscan | 2024-02-04 | 9.3 HIGH | 7.3 HIGH |
| IBM AppScan Enterprise Edition could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of objects in memory. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system in the same context as the victim. | |||||
| CVE-2017-7186 | 1 Pcre | 2 Pcre, Pcre2 | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode property lookup. | |||||
| CVE-2016-7937 | 1 Tcpdump | 1 Tcpdump | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print(). | |||||
| CVE-2016-3740 | 1 Foxitsoftware | 1 Foxit Reader | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based buffer overflow in the CreateFXPDFConvertor function in ConvertToPdf_x86.dll in Foxit Reader 7.3.4.311 allows remote attackers to execute arbitrary code via a large SamplesPerPixel value in a crafted TIFF image that is mishandled during PDF conversion. This is fixed in 8.0. | |||||
| CVE-2016-8439 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Possible buffer overflow in trust zone access control API. Buffer overflow may occur due to lack of buffer size checking. Product: Android. Versions: Kernel 3.18. Android ID: A-31625204. References: QC-CR#1027804. | |||||
| CVE-2016-8574 | 1 Tcpdump | 1 Tcpdump | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print(). | |||||
| CVE-2017-7308 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls. | |||||
| CVE-2016-7232 | 1 Microsoft | 4 Office, Office Compatibility Pack, Word and 1 more | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | |||||
| CVE-2016-8030 | 1 Mcafee | 1 Virusscan Enterprise | 2024-02-04 | 4.3 MEDIUM | 4.3 MEDIUM |
| A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link. | |||||
| CVE-2017-7407 | 1 Haxx | 1 Curl | 2024-02-04 | 2.1 LOW | 2.4 LOW |
| The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a heap-based buffer over-read. | |||||
| CVE-2016-3332 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows Common Log File System Driver Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0026, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184. | |||||
| CVE-2012-6704 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option. | |||||