Total
5812 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-5115 | 1 Libavformat Project | 1 Libavformat | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The avcodec_decode_audio4 function in libavcodec in libavformat 57.34.103, as used in MPlayer, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file. | |||||
CVE-2017-9044 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The print_symbol_for_build_attribute function in readelf.c in GNU Binutils 2017-04-12 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted ELF file. | |||||
CVE-2017-3033 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2023-12-10 | 4.3 MEDIUM | 3.3 LOW |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling JPEG 2000 code-stream tile data. | |||||
CVE-2016-7537 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file. | |||||
CVE-2017-6004 | 1 Pcre | 1 Pcre | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression. | |||||
CVE-2016-9273 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode. | |||||
CVE-2016-5032 | 1 Libdwarf Project | 1 Libdwarf | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
The dwarf_get_xu_hash_entry function in libdwarf before 20160923 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||||
CVE-2017-9152 | 1 Autotrace Project | 1 Autotrace | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the pnm_load_raw function in input-pnm.c:346:41. | |||||
CVE-2014-8355 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read). | |||||
CVE-2016-3183 | 1 Uclouvain | 1 Openjpeg | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg2000 file. | |||||
CVE-2017-5840 | 1 Gstreamer Project | 1 Gstreamer | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index. | |||||
CVE-2016-7290 | 1 Microsoft | 7 Office, Office Compatibility Pack, Office Web Apps and 4 more | 2023-12-10 | 5.8 MEDIUM | 7.1 HIGH |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7291. | |||||
CVE-2017-6500 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in ImageMagick 6.9.7. A specially crafted sun file triggers a heap-based buffer over-read. | |||||
CVE-2017-8787 | 1 Podofo Project | 1 Podofo | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted PDF file. | |||||
CVE-2016-7563 | 1 Artifex | 1 Mujs | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The chartorune function in Artifex Software MuJS allows attackers to cause a denial of service (out-of-bounds read) via a * (asterisk) at the end of the input. | |||||
CVE-2017-5563 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff. | |||||
CVE-2016-5322 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. | |||||
CVE-2016-5434 | 1 Pacman Project | 1 Pacman | 2023-12-10 | 7.1 HIGH | 5.5 MEDIUM |
libalpm, as used in pacman 5.0.1, allows remote attackers to cause a denial of service (infinite loop or out-of-bounds read) via a crafted signature file. | |||||
CVE-2014-8562 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read). | |||||
CVE-2017-6658 | 1 Cisco | 1 Sourcefire Snort | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread related to use of a decoder array. The size was off by one making it possible to read past the end of the array with an ether type of 0xFFFF. Increasing the array size solves this problem. |