Vulnerabilities (CVE)

Filtered by CWE-119
Total 12852 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-8180 1 Huawei 2 Mtk Platform Smart Phone, Mtk Platform Smart Phone Firmware 2025-04-20 6.8 MEDIUM 7.8 HIGH
The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has special privilege and sends a specific parameter to the driver of the smart phone, causing privilege escalation.
CVE-2017-1000364 1 Linux 1 Linux Kernel 2025-04-20 6.2 MEDIUM 7.4 HIGH
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).
CVE-2017-3054 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more 2025-04-20 9.3 HIGH 7.8 HIGH
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to manipulation of EMF files. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11059 1 Google 1 Android 2025-04-20 4.6 MEDIUM 7.8 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, setting the HMAC key by different threads during SHA operations may potentially lead to a buffer overflow.
CVE-2017-11592 1 Exiv2 1 Exiv2 2025-04-20 5.0 MEDIUM 7.5 HIGH
There is a Mismatched Memory Management Routines vulnerability in the Exiv2::FileIo::seek function of Exiv2 0.26 that will lead to a remote denial of service attack (heap memory corruption) via crafted input.
CVE-2017-5508 1 Imagemagick 1 Imagemagick 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.
CVE-2017-16931 1 Xmlsoft 1 Libxml2 2025-04-20 7.5 HIGH 9.8 CRITICAL
parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.
CVE-2017-7009 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2025-04-20 9.3 HIGH 7.8 HIGH
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "IOUSBFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2017-6429 1 Broadcom 1 Tcpreplay 2025-04-20 6.8 MEDIUM 7.8 HIGH
Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet.
CVE-2017-1000127 1 Exiv2 1 Exiv2 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
Exiv2 0.26 contains a heap buffer overflow in tiff parser
CVE-2017-2521 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2025-04-20 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-15311 1 Huawei 8 Mate 10, Mate 10 Firmware, Mate 10 Pro and 5 more 2025-04-20 5.8 MEDIUM 8.8 HIGH
The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-AL00 8.0.0.120(SP2C00), before BLA-AL00 8.0.0.120(SP2C00), before MHA-AL00B 8.0.0.334(C00), and before LON-AL00B 8.0.0.334(C00) have a stack overflow vulnerability due to the lack of parameter validation. An attacker could send malicious packets to the smart phones within radio range by special wireless device, which leads stack overflow when the baseband module handles these packets. The attacker could exploit this vulnerability to perform a denial of service attack or remote code execution in baseband module.
CVE-2017-0018 1 Microsoft 1 Internet Explorer 2025-04-20 7.6 HIGH 7.5 HIGH
Microsoft Internet Explorer 10 and 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0037 and CVE-2017-0149.
CVE-2016-8411 1 Google 1 Android 2025-04-20 10.0 HIGH 9.8 CRITICAL
Buffer overflow vulnerability while processing QMI QOS TLVs. Product: Android. Versions: versions that have qmi_qos_srvc.c. Android ID: 31805216. References: QC CR#912775.
CVE-2016-9676 1 Citrix 1 Provisioning Services 2025-04-20 7.5 HIGH 9.8 CRITICAL
Buffer overflow in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2017-10740 2 Microsoft, Xnview 2 Windows, Xnview 2025-04-20 4.6 MEDIUM 7.8 HIGH
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlRbInsertNodeEx+0x000000000000002d."
CVE-2017-2464 1 Apple 3 Iphone Os, Safari, Tvos 2025-04-20 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-13090 2 Debian, Gnu 2 Debian Linux, Wget 2025-04-20 9.3 HIGH 8.8 HIGH
The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to read the chunk in pieces of 8192 bytes by using the MIN() macro, but ends up passing the negative chunk length to retr.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument. The attacker can corrupt malloc metadata after the allocated buffer.
CVE-2017-11498 1 Gemalto 1 Sentinel Ldk Rte 2025-04-20 5.0 MEDIUM 7.5 HIGH
Buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to shut down the remote process (a denial of service) via a language pack (ZIP file) with invalid HTML files.
CVE-2011-5320 1 Gnu 1 Glibc 2025-04-20 2.1 LOW 6.2 MEDIUM
scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s.