Search Results (19890 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-7611 3 Canonical, Debian, Elfutils Project 3 Ubuntu Linux, Debian Linux, Elfutils 2025-04-20 N/A
The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
CVE-2017-7608 3 Canonical, Debian, Elfutils Project 3 Ubuntu Linux, Debian Linux, Elfutils 2025-04-20 N/A
The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
CVE-2017-7586 1 Libsndfile Project 1 Libsndfile 2025-04-20 N/A
In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
CVE-2017-16938 1 Optipng Project 1 Optipng 2025-04-20 N/A
A global buffer overflow in OptiPNG 0.7.6 allows remote attackers to cause a denial-of-service attack or other unspecified impact with a maliciously crafted GIF format file, related to an uncontrolled loop in the LZWReadByte function of the gifread.c file.
CVE-2017-16808 1 Tcpdump 1 Tcpdump 2025-04-20 N/A
tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.
CVE-2017-15021 1 Gnu 1 Binutils 2025-04-20 N/A
bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to bfd_getl32.
CVE-2017-14643 1 Bento4 1 Bento4 2025-04-20 N/A
The AP4_HdlrAtom class in Core/Ap4HdlrAtom.cpp in Bento4 version 1.5.0-617 uses an incorrect character data type, leading to a heap-based buffer over-read and application crash in AP4_BytesToUInt32BE in Core/Ap4Utils.h.
CVE-2015-9050 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists where an array out of bounds access can occur during a CA call.
CVE-2016-10067 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow.
CVE-2016-10253 1 Erlang 1 Erlang\/otp 2025-04-20 N/A
An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the erts_alloc arena to be both read and written to.
CVE-2015-8984 1 Gnu 1 Glibc 2025-04-20 N/A
The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash) via a malformed pattern, which triggers an out-of-bounds read.
CVE-2016-10180 1 Dlink 2 Dwr-932b, Dwr-932b Firmware 2025-04-20 7.5 High
An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time(0)) seeding.
CVE-2017-16899 2 Debian, Xfig Project 2 Debian Linux, Xfig 2025-04-20 N/A
An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the read_textobject functions in read.c and read1_3.c.
CVE-2017-16612 3 Canonical, Debian, X 3 Ubuntu Linux, Debian Linux, Libxcursor 2025-04-20 N/A
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0.
CVE-2017-15020 1 Gnu 1 Binutils 2025-04-20 N/A
dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file, related to parse_die and parse_line_table, as demonstrated by a parse_die heap-based buffer over-read.
CVE-2017-13049 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().
CVE-2017-13046 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
CVE-2017-0306 1 Linux 1 Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-34132950. References: N-CVE-2017-0306.
CVE-2017-13739 1 Liblouis 1 Liblouis 2025-04-20 N/A
There is a heap-based buffer overflow that causes a more than two thousand bytes out-of-bounds write in Liblouis 3.2.0, triggered in the function resolveSubtable() in compileTranslationTable.c. It will lead to denial of service or remote code execution.
CVE-2017-12562 2 Debian, Libsndfile Project 2 Debian Linux, Libsndfile 2025-04-20 9.8 Critical
Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.