Search Results (9725 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-16899 2 Debian, Xfig Project 2 Debian Linux, Xfig 2025-04-20 N/A
An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the read_textobject functions in read.c and read1_3.c.
CVE-2016-7969 3 Fedoraproject, Libass Project, Opensuse 4 Fedora, Libass, Leap and 1 more 2025-04-20 7.5 High
The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."
CVE-2017-11568 1 Fontforge 1 Fontforge 2025-04-20 N/A
FontForge 20161012 is vulnerable to a heap-based buffer over-read in PSCharStringToSplines (psread.c) resulting in DoS or code execution via a crafted otf file.
CVE-2017-6011 3 Debian, Icoutils Project, Redhat 9 Debian Linux, Icoutils, Enterprise Linux and 6 more 2025-04-20 N/A
An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.
CVE-2017-8365 2 Debian, Libsndfile Project 2 Debian Linux, Libsndfile 2025-04-20 N/A
The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.
CVE-2016-6823 1 Imagemagick 1 Imagemagick 2025-04-20 7.5 High
Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.
CVE-2016-7985 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print().
CVE-2017-13744 2 Liblouis, Redhat 2 Liblouis, Enterprise Linux 2025-04-20 N/A
There is an illegal address access in the function _lou_getALine() in compileTranslationTable.c:343 in Liblouis 3.2.0.
CVE-2017-5834 1 Libimobiledevice 1 Libplist 2025-04-20 N/A
The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.
CVE-2017-3735 3 Debian, Openssl, Redhat 3 Debian Linux, Openssl, Enterprise Linux 2025-04-20 N/A
While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.
CVE-2017-4936 1 Vmware 2 Horizon View, Workstation 2025-04-20 N/A
VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client.
CVE-2017-17066 2 Getkovri, I2pd 2 Kovri, I2pd 2025-04-20 N/A
The (1) i2pd before 2.17 and (2) kovri pre-alpha implementations of the I2P routing protocol do not properly handle Garlic DeliveryTypeTunnel packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading sensitive router memory, aka the GarlicRust bug.
CVE-2017-8313 1 Videolan 1 Vlc Media Player 2025-04-20 N/A
Heap out-of-bound read in ParseJSS in VideoLAN VLC before 2.2.5 due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process via a crafted subtitles file.
CVE-2014-8127 3 Libtiff, Opensuse, Redhat 3 Libtiff, Opensuse, Enterprise Linux 2025-04-20 N/A
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tiff2bw tool, (3) putcontig8bitCIELab function in tif_getimage.c in the tiff2rgba tool, LZWPreDecode function in tif_lzw.c in the (4) tiff2ps or (5) tiffdither tool, (6) NeXTDecode function in tif_next.c in the tiffmedian tool, or (7) TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool.
CVE-2017-17081 1 Ffmpeg 1 Ffmpeg 2025-04-20 N/A
The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service (integer signedness error and out-of-array read) via a crafted MPEG file.
CVE-2017-11423 2 Clamav, Libmspack Project 2 Clamav, Libmspack 2025-04-20 N/A
The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file.
CVE-2016-9637 2 Citrix, Redhat 2 Xenserver, Enterprise Linux 2025-04-20 N/A
The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access.
CVE-2017-8312 2 Debian, Videolan 2 Debian Linux, Vlc Media Player 2025-04-20 N/A
Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file.
CVE-2015-8897 2 Imagemagick, Redhat 2 Imagemagick, Enterprise Linux 2025-04-20 N/A
The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (application crash) via a crafted png file.
CVE-2017-17786 3 Canonical, Debian, Gimp 3 Ubuntu Linux, Debian Linux, Gimp 2025-04-20 7.8 High
In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image.