Total
2402 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-3717 | 2 Apple, Sqlite | 3 Iphone Os, Mac Os X, Sqlite | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | |||||
CVE-2015-8126 | 9 Apple, Canonical, Debian and 6 more | 21 Mac Os X, Ubuntu Linux, Debian Linux and 18 more | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. | |||||
CVE-2016-5343 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write request, as demonstrated by a voice_svc_send_req buffer overflow. | |||||
CVE-2015-7512 | 4 Debian, Oracle, Qemu and 1 more | 9 Debian Linux, Linux, Qemu and 6 more | 2024-02-04 | 6.8 MEDIUM | 9.0 CRITICAL |
Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet. | |||||
CVE-2015-5093 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. | |||||
CVE-2014-1509 | 5 Canonical, Mozilla, Opensuse and 2 more | 16 Ubuntu Linux, Firefox, Firefox Esr and 13 more | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document. | |||||
CVE-2014-0195 | 4 Fedoraproject, Mariadb, Openssl and 1 more | 5 Fedora, Mariadb, Openssl and 2 more | 2024-02-04 | 6.8 MEDIUM | N/A |
The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment. | |||||
CVE-2015-0982 | 1 Schneider-electric | 1 Pelco Ds-nv | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in an unspecified DLL in Schneider Electric Pelco DS-NVs before 7.8.90 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
CVE-2014-3554 | 1 Libndp | 1 Libndp | 2024-02-04 | 6.8 MEDIUM | N/A |
Buffer overflow in the ndp_msg_opt_dnssl_domain function in libndp allows remote routers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS Search List (DNSSL) in an IPv6 router advertisement. | |||||
CVE-2014-0049 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 7.4 HIGH | N/A |
Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the host OS by leveraging a loop that triggers an invalid memory copy affecting certain cancel_work_item data. | |||||
CVE-2014-1524 | 7 Canonical, Debian, Fedoraproject and 4 more | 16 Ubuntu Linux, Debian Linux, Fedora and 13 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object. | |||||
CVE-2013-4344 | 4 Canonical, Opensuse, Qemu and 1 more | 8 Ubuntu Linux, Opensuse, Qemu and 5 more | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command. | |||||
CVE-2013-0894 | 7 Apple, Canonical, Ffmpeg and 4 more | 7 Macos, Ubuntu Linux, Ffmpeg and 4 more | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds array access) or possibly have unspecified other impact via vectors involving a zero value for a bark map size. | |||||
CVE-2012-2763 | 1 Gimp | 1 Gimp | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server. | |||||
CVE-2012-6075 | 7 Canonical, Debian, Fedoraproject and 4 more | 13 Ubuntu Linux, Debian Linux, Fedora and 10 more | 2024-02-04 | 9.3 HIGH | N/A |
Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet. | |||||
CVE-2012-2089 | 2 F5, Fedoraproject | 2 Nginx, Fedora | 2024-02-04 | 6.8 MEDIUM | N/A |
Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file. | |||||
CVE-2011-3353 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 4.9 MEDIUM | 5.5 MEDIUM |
Buffer overflow in the fuse_notify_inval_entry function in fs/fuse/dev.c in the Linux kernel before 3.1 allows local users to cause a denial of service (BUG_ON and system crash) by leveraging the ability to mount a FUSE filesystem. | |||||
CVE-2011-3959 | 1 Google | 1 Chrome | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the locale implementation in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2010-2527 | 3 Canonical, Debian, Freetype | 3 Ubuntu Linux, Debian Linux, Freetype | 2024-02-04 | 6.8 MEDIUM | N/A |
Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | |||||
CVE-2010-1205 | 10 Apple, Canonical, Debian and 7 more | 17 Iphone Os, Itunes, Mac Os X and 14 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. |