Export limit exceeded: 366507 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (9725 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-11572 1 Fontforge 1 Fontforge 2025-04-20 N/A
FontForge 20161012 is vulnerable to a heap-based buffer over-read in readcfftopdicts (parsettf.c) resulting in DoS or code execution via a crafted otf file.
CVE-2017-11573 1 Fontforge 1 Fontforge 2025-04-20 N/A
FontForge 20161012 is vulnerable to a buffer over-read in ValidatePostScriptFontName (parsettf.c) resulting in DoS or code execution via a crafted otf file.
CVE-2017-11600 2 Linux, Redhat 5 Linux Kernel, Enterprise Linux, Enterprise Mrg and 2 more 2025-04-20 7.0 High
net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message.
CVE-2017-11605 1 Libsass 1 Libsass 2025-04-20 N/A
There is a heap based buffer over-read in LibSass 3.4.5, related to address 0xb4803ea1. A crafted input will lead to a remote denial of service attack.
CVE-2017-11704 1 Libming 1 Ming 2025-04-20 N/A
A heap-based buffer over-read was found in the function decompileIF in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-11714 2 Artifex, Debian 2 Ghostscript, Debian Linux 2025-04-20 N/A
psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the igc_reloc_struct_ptr function in psi/igc.c.
CVE-2017-0725 1 Google 1 Android 2025-04-20 N/A
A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-37627194.
CVE-2017-12067 1 Potrace Project 1 Potrace 2025-04-20 N/A
Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic function in mkbitmap.c.
CVE-2016-10029 1 Qemu 1 Qemu 2025-04-20 5.5 Medium
The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a scanout id in a VIRTIO_GPU_CMD_SET_SCANOUT command larger than num_scanouts.
CVE-2016-10065 2 Imagemagick, Opensuse 2 Imagemagick, Leap 2025-04-20 N/A
The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10071 1 Imagemagick 1 Imagemagick 2025-04-20 5.5 Medium
coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.
CVE-2016-10195 3 Debian, Libevent Project, Redhat 3 Debian Linux, Libevent, Enterprise Linux 2025-04-20 9.8 Critical
The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds stack read.
CVE-2016-10226 1 Apple 1 Safari 2025-04-20 N/A
JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (bitfield out-of-bounds read and application crash) via crafted JavaScript code that is mishandled in the operatorString function, related to assembler/MacroAssemblerARM64.h, assembler/MacroAssemblerX86Common.h, and wasm/WasmB3IRGenerator.cpp.
CVE-2016-7932 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().
CVE-2016-7934 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print().
CVE-2016-5315 2 Debian, Libtiff 2 Debian Linux, Libtiff 2025-04-20 N/A
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.
CVE-2016-7939 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions.
CVE-2016-5322 2 Debian, Libtiff 2 Debian Linux, Libtiff 2025-04-20 N/A
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.
CVE-2017-0854 1 Google 1 Android 2025-04-20 N/A
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63873837.
CVE-2017-14226 2 Libreoffice, Libwpd 2 Libreoffice, Libwpd 2025-04-20 7.5 High
WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7. It may lead to suffering a remote attack against a LibreOffice application.