Vulnerabilities (CVE)

Filtered by CWE-120
Total 999 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-6122 1 Call-cc 1 Chicken 2019-11-05 5.0 MEDIUM 7.5 HIGH
Buffer overflow in the thread scheduler in Chicken before 4.8.0.1 allows attackers to cause a denial of service (crash) by opening a file descriptor with a large integer value.
CVE-2019-17181 1 Intrasrv Project 1 Intrasrv 2019-11-01 10.0 HIGH 9.8 CRITICAL
A remote SEH buffer overflow has been discovered in IntraSrv 1.0 (2007-06-03). An attacker may send a crafted HTTP GET or HEAD request that can result in a compromise of the hosting system.
CVE-2016-2356 1 Milesight 2 Ip Security Camera, Ip Security Camera Firmware 2019-10-29 7.5 HIGH 9.8 CRITICAL
Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password.
CVE-2019-17666 1 Linux 1 Linux Kernel 2019-10-24 8.3 HIGH 8.8 HIGH
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.
CVE-2019-4523 4 Ibm, Linux, Microsoft and 1 more 4 Db2 High Performance Unload Load, Linux Kernel, Windows and 1 more 2019-10-24 7.2 HIGH 7.8 HIGH
IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 165481.
CVE-2017-0176 1 Microsoft 2 Windows Server 2003, Windows Xp 2019-10-24 9.3 HIGH 8.1 HIGH
A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined in a Windows domain and has Remote Desktop Protocol connectivity (or Terminal Services) enabled.
CVE-2019-6327 1 Hp 20 Laserjet Pro M280-m281 T6b80a, Laserjet Pro M280-m281 T6b80a Firmware, Laserjet Pro M280-m281 T6b81a and 17 more 2019-10-24 7.5 HIGH 9.8 CRITICAL
HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an IPP Parser potentially vulnerable to Buffer Overflow.
CVE-2019-17402 1 Exiv2 1 Exiv2 2019-10-21 4.3 MEDIUM 6.5 MEDIUM
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size.
CVE-2019-17320 1 Netsarang 1 Xftp 2019-10-16 7.5 HIGH 9.8 CRITICAL
NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused by improper boundary checks when copying file name from an attacker controlled FTP server. That leads attacker to execute arbitrary code by sending a crafted filename.
CVE-2019-17243 1 Irfanview 1 Irfanview 2019-10-10 6.8 MEDIUM 7.8 HIGH
IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000003155.
CVE-2019-17247 1 Irfanview 1 Irfanview 2019-10-10 6.8 MEDIUM 7.8 HIGH
IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x0000000000007da8.
CVE-2019-17244 1 Irfanview 1 Irfanview 2019-10-10 6.8 MEDIUM 7.8 HIGH
IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000001d8a.
CVE-2019-12655 1 Cisco 1 Ios 2019-10-09 7.8 HIGH 7.5 HIGH
A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a buffer overflow that occurs when an affected device inspects certain FTP traffic. An attacker could exploit this vulnerability by performing a specific FTP transfer through the device. A successful exploit could allow the attacker to cause the device to reload.
CVE-2018-14788 1 Fujielectric 2 Alpha5 Smart Loader, Alpha5 Smart Loader Firmware 2019-10-09 5.0 MEDIUM 5.3 MEDIUM
Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. A buffer overflow information disclosure vulnerability occurs when parsing certain file types.
CVE-2019-2341 1 Qualcomm 88 Mdm9150, Mdm9150 Firmware, Mdm9206 and 85 more 2019-10-03 4.6 MEDIUM 7.8 HIGH
Buffer overflow when the audio buffer size provided by user is larger than the maximum allowable audio buffer size. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24
CVE-2019-2333 1 Qualcomm 76 Mdm9150, Mdm9150 Firmware, Mdm9607 and 73 more 2019-10-03 4.6 MEDIUM 7.8 HIGH
Buffer overflow due to improper validation of buffer size while IPA driver processing to perform read operation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24
CVE-2019-10540 1 Qualcomm 54 Ipq8074, Ipq8074 Firmware, Msm8996au and 51 more 2019-10-03 10.0 HIGH 9.8 CRITICAL
Buffer overflow in WLAN NAN function due to lack of check of count value received in NAN availability attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MSM8996AU, QCA6174A, QCA6574AU, QCA8081, QCA9377, QCA9379, QCS404, QCS405, QCS605, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SXR1130
CVE-2019-2252 1 Qualcomm 72 Mdm9650, Mdm9650 Firmware, Msm8909w and 69 more 2019-10-03 10.0 HIGH 9.8 CRITICAL
Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130
CVE-2017-0520 1 Linux 1 Linux Kernel 2019-10-03 7.6 HIGH 7.0 HIGH
An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31750232. References: QC-CR#1082636.
CVE-2017-0594 1 Google 1 Android 2019-10-03 9.3 HIGH 7.8 HIGH
An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34617444.