Search Results (4897 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-11043 1 Google 1 Android 2025-04-20 N/A
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a WiFI driver function, an integer overflow leading to heap buffer overflow may potentially occur.
CVE-2016-8574 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().
CVE-2017-12110 1 Libxls Project 1 Libxls 2025-04-20 N/A
An exploitable integer overflow vulnerability exists in the xls_appendSST function of libxls 1.4.A specially crafted XLS file can cause memory corruption resulting in remote code execution.
CVE-2017-5601 1 Libarchive 1 Libarchive 2025-04-20 N/A
An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive.
CVE-2016-10507 1 Uclouvain 1 Openjpeg 2025-04-20 N/A
Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted bmp file.
CVE-2017-5486 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
CVE-2017-5340 3 Netapp, Php, Redhat 3 Clustered Data Ontap, Php, Rhel Software Collections 2025-04-20 9.8 Critical
Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary destructor function pointers) via crafted serialized data.
CVE-2017-6313 3 Debian, Fedoraproject, Gnome 3 Debian Linux, Fedora, Gdk-pixbuf 2025-04-20 7.1 High
Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file.
CVE-2017-5208 3 Debian, Icoutils Project, Redhat 9 Debian Linux, Icoutils, Enterprise Linux and 6 more 2025-04-20 N/A
Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of execution of arbitrary code.
CVE-2017-17426 1 Gnu 1 Glibc 2025-04-20 N/A
The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache (aka tcache) feature enables a code path that lacks an integer overflow check.
CVE-2017-5049 4 Apple, Google, Linux and 1 more 5 Macos, Android, Chrome and 2 more 2025-04-20 N/A
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.
CVE-2016-8438 1 Linux 1 Linux Kernel 2025-04-20 N/A
Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a race condition that may be used to bypass (Peripheral Image Loader) PIL authentication. Product: Android. Versions: Kernel 3.18. Android ID: A-31624565. References: QC-CR#1023638.
CVE-2017-6839 1 Audiofile 1 Audiofile 2025-04-20 N/A
Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
CVE-2015-7979 2 Ntp, Redhat 3 Ntp, Enterprise Linux, Rhel Eus 2025-04-20 N/A
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.
CVE-2017-8278 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, while reading audio data from an unspecified driver, a buffer overflow or integer overflow could occur.
CVE-2016-7935 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print().
CVE-2007-5199 1 X 1 Libxfont 2025-04-20 9.8 Critical
A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact.
CVE-2017-8255 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in boot.
CVE-2017-2888 3 Canonical, Debian, Libsdl 3 Ubuntu Linux, Debian Linux, Simple Directmedia Layer 2025-04-20 8.8 High
An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.
CVE-2017-2921 1 Cesanta 1 Mongoose 2025-04-20 9.8 Critical
An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause an integer overflow, leading to a heap buffer overflow and resulting in denial of service and potential remote code execution. An attacker needs to send a specially crafted websocket packet over network to trigger this vulnerability.