Total
12126 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4292 | 1 Hancom | 1 Hancom Office 2014 | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will use a static size to allocate a heap buffer yet explicitly trust a size from the file when modifying data inside of it. Due to this, an aggressor can corrupt memory outside the bounds of this buffer which can lead to code execution under the context of the application. | |||||
| CVE-2017-0040 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.6 HIGH | 7.5 HIGH |
| The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This vulnerability is different from that described in CVE-2017-0130. | |||||
| CVE-2016-10311 | 1 Sap | 1 Netweaver | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238. | |||||
| CVE-2017-6191 | 1 Apng Disassembler Project | 1 Apng Disassembler | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow in APNGDis 2.8 and below allows a remote attacker to execute arbitrary code via a crafted filename. | |||||
| CVE-2016-7589 | 1 Apple | 5 Icloud, Iphone Os, Itunes and 2 more | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
| CVE-2017-6980 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
| CVE-2017-6975 | 1 Apple | 1 Iphone Os | 2024-02-04 | 7.2 HIGH | 6.8 MEDIUM |
| Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack buffer overflow exploitation via a crafted access point. NOTE: because an operating system could potentially isolate itself from CVE-2017-6956 exploitation without patching Broadcom firmware functions, there is a separate CVE ID for the operating-system behavior. | |||||
| CVE-2017-9153 | 1 Autotrace Project | 1 Autotrace | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the pnm_load_rawpbm function in input-pnm.c:391:13. | |||||
| CVE-2016-6115 | 1 Ibm | 2 General Parallel File System, Spectrum Scale | 2024-02-04 | 9.0 HIGH | 7.2 HIGH |
| IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash. | |||||
| CVE-2017-6459 | 1 Ntp | 1 Ntp | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes. | |||||
| CVE-2017-8378 | 1 Podofo Project | 1 Podofo | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in the PdfParser::ReadObjects function in base/PdfParser.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors related to m_offsets.size. | |||||
| CVE-2016-10040 | 1 Qt | 1 Qxmlsimplereader | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags. | |||||
| CVE-2017-2459 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
| CVE-2016-7935 | 1 Tcpdump | 1 Tcpdump | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print(). | |||||
| CVE-2016-7640 | 1 Apple | 4 Icloud, Iphone Os, Itunes and 1 more | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
| CVE-2017-2435 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file. | |||||
| CVE-2017-8397 | 1 Gnu | 1 Binutils | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 and an invalid write of size 1 during processing of a corrupt binary containing reloc(s) with negative addresses. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash. | |||||
| CVE-2017-3040 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 image compression module. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-10055 | 1 Imagemagick | 1 Imagemagick | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow in the WritePDBImage function in coders/pdb.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. | |||||
| CVE-2016-6917 | 2 Google, Nvidia | 9 Nexus 9, Pixel C, Shield Tablet and 6 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5. | |||||