Export limit exceeded: 349308 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 14497 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 21858 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 15585 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (15585 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-11328 | 1 Virustotal | 1 Yara | 2025-04-20 | N/A |
| Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file. | ||||
| CVE-2017-2954 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2025-04-20 | N/A |
| Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when handling malformed TIFF images. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2007-5341 | 1 Mozilla | 1 Firefox | 2025-04-20 | N/A |
| Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8. | ||||
| CVE-2017-8786 | 1 Pcre | 1 Pcre2 | 2025-04-20 | N/A |
| pcre2test.c in PCRE2 10.23 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression. | ||||
| CVE-2016-6830 | 1 Call-cc | 1 Chicken | 2025-04-20 | N/A |
| The "process-execute" and "process-spawn" procedures in CHICKEN Scheme used fixed-size buffers for holding the arguments and environment variables to use in its execve() call. This would allow user-supplied argument/environment variable lists to trigger a buffer overrun. This affects all releases of CHICKEN up to and including 4.11 (it will be fixed in 4.12 and 5.0, which are not yet released). | ||||
| CVE-2017-0003 | 1 Microsoft | 2 Sharepoint Enterprise Server, Word | 2025-04-20 | N/A |
| Microsoft Word 2016 and SharePoint Enterprise Server 2016 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." | ||||
| CVE-2016-2377 | 3 Canonical, Debian, Pidgin | 3 Ubuntu Linux, Debian Linux, Pidgin | 2025-04-20 | N/A |
| A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent by the server could potentially result in an out-of-bounds write of one byte. A malicious server can send a negative content-length in response to a HTTP request triggering the vulnerability. | ||||
| CVE-2016-2339 | 1 Ruby-lang | 1 Ruby | 2025-04-20 | N/A |
| An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow. | ||||
| CVE-2017-6435 | 1 Libplist Project | 1 Libplist | 2025-04-20 | N/A |
| The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file. | ||||
| CVE-2017-6828 | 1 Audiofile | 1 Audiofile | 2025-04-20 | N/A |
| Heap-based buffer overflow in the readValue function in FileHandle.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted WAV file. | ||||
| CVE-2017-6965 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow. | ||||
| CVE-2014-0145 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Openstack | 2025-04-20 | N/A |
| Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/qcow2-snapshot.c) or (2) uncompressed chunk, (3) chunk length, or (4) number of sectors in the DMG block driver (block/dmg.c). | ||||
| CVE-2017-7246 | 2 Pcre, Redhat | 2 Pcre, Jboss Core Services | 2025-04-20 | N/A |
| Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file. | ||||
| CVE-2017-7506 | 2 Redhat, Spice Project | 2 Enterprise Linux, Spice | 2025-04-20 | N/A |
| spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak. | ||||
| CVE-2017-13739 | 1 Liblouis | 1 Liblouis | 2025-04-20 | N/A |
| There is a heap-based buffer overflow that causes a more than two thousand bytes out-of-bounds write in Liblouis 3.2.0, triggered in the function resolveSubtable() in compileTranslationTable.c. It will lead to denial of service or remote code execution. | ||||
| CVE-2017-7585 | 1 Libsndfile Project | 1 Libsndfile | 2025-04-20 | N/A |
| In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file. | ||||
| CVE-2017-7586 | 1 Libsndfile Project | 1 Libsndfile | 2025-04-20 | N/A |
| In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file. | ||||
| CVE-2017-7679 | 2 Apache, Redhat | 5 Http Server, Enterprise Linux, Jboss Core Services and 2 more | 2025-04-20 | N/A |
| In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header. | ||||
| CVE-2017-7742 | 1 Libsndfile Project | 1 Libsndfile | 2025-04-20 | N/A |
| In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585. | ||||
| CVE-2017-8398 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 during dumping of debug information from a corrupt binary. This vulnerability causes programs that conduct an analysis of binary programs, such as objdump and readelf, to crash. | ||||