Total
12549 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-10052 | 1 Qualcomm | 56 Fsm9055, Fsm9055 Firmware, Ipq4019 and 53 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, SD 835, and SDX20, the reserved memory of TZ subsystem (like TZ apps and some PIL image subsystem) is not cleared after being used. | |||||
| CVE-2014-10045 | 1 Qualcomm | 42 Ipq4019, Ipq4019 Firmware, Mdm9206 and 39 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 820, and SDX20, buffer overflow vulnerability exist in Sahara boot when program header are parsing. | |||||
| CVE-2014-10043 | 1 Qualcomm | 16 Msm8909w, Msm8909w Firmware, Sd 205 and 13 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, and SD 800, while reading PlayReady rights string information from command buffer (which is sent from non-secure side), if length of rights string is very large, a buffer over read occurs, exposing TZ App memory to non-secure side. | |||||
| CVE-2014-0158 | 2 Opensuse, Uclouvain | 2 Opensuse, Openjpeg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file because of incorrect j2k_decode, j2k_read_eoc, and tcd_decode_tile interaction, a related issue to CVE-2013-6045. NOTE: this is not a duplicate of CVE-2013-1447, because the scope of CVE-2013-1447 was specifically defined in http://openwall.com/lists/oss-security/2013/12/04/6 as only "null pointer dereferences, division by zero, and anything that would just fit as DoS." | |||||
| CVE-2013-7490 | 1 Perl | 1 Dbi | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption. | |||||
| CVE-2013-7185 | 1 Daum | 1 Potplayer | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| PotPlayer 1.5.40688: .avi File Memory Corruption | |||||
| CVE-2013-7087 | 3 Clamav, Debian, Fedoraproject | 3 Clamav, Debian Linux, Fedora | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| ClamAV before 0.97.7 has WWPack corrupt heap memory | |||||
| CVE-2013-5571 | 1 Hmailserver | 1 Hmailserver | 2024-11-21 | 2.6 LOW | 5.9 MEDIUM |
| HMailServer 5.3.x and prior: Memory Corruption which could cause DOS | |||||
| CVE-2013-4532 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. | |||||
| CVE-2013-3947 | 1 Ahnlab | 1 V3 Internet Security | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Buffer overflow in MedCoreD.sys in AhnLab V3 Internet Security 8.0.7.5 (Build 1373) allows local users to gain privileges via a crafted 0xA3350014 IOCTL call. | |||||
| CVE-2013-3553 | 1 Nitropdf | 2 Nitro Pro, Nitro Reader | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Nitro Pro 7.5.0.22 and earlier and Nitro Reader 2.5.0.36 and earlier allow remote attackers to execute arbitrary code via a crafted PDF file. | |||||
| CVE-2013-3552 | 1 Nitropdf | 2 Nitro Pro, Nitro Reader | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Nitro Pro 7.5.0.29 and earlier and Nitro Reader 2.5.0.45 and earlier allow remote attackers to execute arbitrary code via a crafted PDF file. | |||||
| CVE-2013-2739 | 2 Debian, Readymedia Project | 2 Debian Linux, Readymedia | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| MiniDLNA has heap-based buffer overflow | |||||
| CVE-2012-6712 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption. | |||||
| CVE-2012-6711 | 2 Gnu, Redhat | 2 Bash, Enterprise Linux | 2024-11-21 | 4.6 MEDIUM | 7.0 HIGH |
| A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo -e" built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv(). | |||||
| CVE-2012-4750 | 1 Ezhometech | 1 Ezserver | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A Code Execution vulnerability exists in the memcpy function when processing AMF requests in Ezhometech EzServer 7.0, which could let a remote malicious user execute arbitrary code or cause a Denial of Service | |||||
| CVE-2012-0771 | 1 Adobe | 1 Shockwave Player | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
| Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0759. | |||||
| CVE-2011-5327 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption. | |||||
| CVE-2010-5332 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.6 MEDIUM | 5.6 MEDIUM |
| In the Linux kernel before 2.6.37, an out of bounds array access happened in drivers/net/mlx4/port.c. When searching for a free entry in either mlx4_register_vlan() or mlx4_register_mac(), and there is no free entry, the loop terminates without updating the local variable free thus causing out of array bounds access. | |||||
| CVE-2010-0749 | 3 Debian, Linux, Transmissionbt | 3 Debian Linux, Linux Kernel, Transmission | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Transmission before 1.92 allows attackers to prevent download of a file by corrupted data during the endgame. | |||||