Total
5776 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-5335 | 2 Gnu, Opensuse | 2 Gnutls, Leap | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate. | |||||
CVE-2016-10169 | 1 Wavpack Project | 1 Wavpack | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The read_code function in read_words.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. | |||||
CVE-2016-3178 | 1 Miniupnp Project | 1 Minissdpd | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (out-of-bounds memory access and daemon crash) via vectors involving a negative length value. | |||||
CVE-2016-5043 | 1 Libdwarf Project | 1 Libdwarf | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The dwarf_dealloc function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted DWARF section. | |||||
CVE-2017-2450 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2023-12-10 | 5.8 MEDIUM | 7.1 HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted font file. | |||||
CVE-2016-7951 | 2 Fedoraproject, X | 2 Fedora, Libxtst | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks. | |||||
CVE-2017-3051 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of JPEG files. Successful exploitation could lead to arbitrary code execution. | |||||
CVE-2016-7527 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | |||||
CVE-2017-5896 | 1 Artifex | 1 Mupdf | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image. | |||||
CVE-2016-6163 | 1 Gnome | 1 Librsvg | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file. | |||||
CVE-2015-8608 | 1 Perl | 1 Perl | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive letter or (2) pInName argument. | |||||
CVE-2016-4682 | 1 Apple | 1 Mac Os X | 2023-12-10 | 5.8 MEDIUM | 7.1 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12 is affected. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted SGI file. | |||||
CVE-2016-5825 | 1 Libical Project | 1 Libical | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The icalparser_parse_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted ics file. | |||||
CVE-2017-2439 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2023-12-10 | 5.8 MEDIUM | 7.1 HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted font file. | |||||
CVE-2016-9797 | 1 Bluez | 1 Bluez | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash. | |||||
CVE-2016-10199 | 1 Gstreamer Project | 1 Gstreamer | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted tag value. | |||||
CVE-2016-9935 | 1 Php | 1 Php | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.29 and 7.x before 7.0.14 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document. | |||||
CVE-2016-7264 | 1 Microsoft | 4 Excel, Excel For Mac, Excel Viewer and 1 more | 2023-12-10 | 5.8 MEDIUM | 7.1 HIGH |
Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability." | |||||
CVE-2016-10197 | 2 Debian, Libevent Project | 2 Debian Linux, Libevent | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname. | |||||
CVE-2017-6335 | 1 Graphicsmagick | 1 Graphicsmagick | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file. |