Export limit exceeded: 15987 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (15987 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-12983 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | ||||
| CVE-2017-13011 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-04-20 | N/A |
| Several protocol parsers in tcpdump before 4.9.2 could cause a buffer overflow in util-print.c:bittok2str_internal(). | ||||
| CVE-2017-10928 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c. | ||||
| CVE-2017-12787 | 1 Noviflow | 1 Noviware | 2025-04-20 | N/A |
| A network interface of the novi_process_manager_daemon service, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. This could be leveraged by remote, unauthenticated attackers to gain resultant privileged (root) code execution on the switch, because incoming packet data can contain embedded OS commands, and can also trigger a stack-based buffer overflow. | ||||
| CVE-2016-7659 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file. | ||||
| CVE-2016-8030 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | N/A |
| A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link. | ||||
| CVE-2017-5547 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 7.8 High |
| drivers/hid/hid-corsair.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. | ||||
| CVE-2017-14088 | 1 Trendmicro | 2 Officescan, Officescan Xg | 2025-04-20 | N/A |
| Memory Corruption Privilege Escalation vulnerabilities in Trend Micro OfficeScan 11.0 and XG allows local attackers to execute arbitrary code and escalate privileges to resources normally reserved for the kernel on vulnerable installations by exploiting tmwfp.sys. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability. | ||||
| CVE-2017-14089 | 1 Trendmicro | 1 Officescan | 2025-04-20 | N/A |
| An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan server to target cgiShowClientAdm.exe and cause memory corruption issues. | ||||
| CVE-2017-14033 | 2 Redhat, Ruby-lang | 3 Enterprise Linux, Rhel Software Collections, Ruby | 2025-04-20 | N/A |
| The decode method in the OpenSSL::ASN1 module in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows attackers to cause a denial of service (interpreter crash) via a crafted string. | ||||
| CVE-2017-1274 | 1 Ibm | 1 Domino | 2025-04-20 | N/A |
| IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in the IMAP service that could allow an authenticated attacker to execute arbitrary code by specifying a large mailbox name. IBM X-Force ID: 124749. | ||||
| CVE-2017-14153 | 1 Jungo | 1 Windriver | 2025-04-20 | N/A |
| This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x953824b7 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in a kernel pool overflow. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel. | ||||
| CVE-2017-14064 | 4 Canonical, Debian, Redhat and 1 more | 11 Ubuntu Linux, Debian Linux, Enterprise Linux and 8 more | 2025-04-20 | N/A |
| Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte, returning a pointer to a string of length zero, which is not the length stored in space_len. | ||||
| CVE-2016-8761 | 1 Huawei | 6 Honor 6, Honor 6 Firmware, P9 and 3 more | 2025-04-20 | N/A |
| Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege. | ||||
| CVE-2017-5705 | 1 Intel | 1 Manageability Engine Firmware | 2025-04-20 | N/A |
| Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code. | ||||
| CVE-2017-5712 | 3 Asus, Intel, Siemens | 394 B150-a, B150-a Firmware, B150-plus and 391 more | 2025-04-20 | 7.2 High |
| Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege. | ||||
| CVE-2017-12278 | 1 Cisco | 2 Wireless Lan Controller, Wireless Lan Controller Software | 2025-04-20 | N/A |
| A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco Wireless LAN Controllers could allow an authenticated, remote attacker to cause an affected device to restart, resulting in a denial of service (DoS) condition. The vulnerability is due to a memory leak that occurs on an affected device after the device fails to deallocate a buffer that is used when certain MIBs are polled. An attacker who knows the SNMP Version 2 SNMP Read string or has valid SNMP Version 3 credentials for an affected device could repeatedly poll the affected MIB object IDs (OIDs) and consume available memory on the device. When memory is sufficiently depleted on the device, the device will restart, resulting in a DoS condition. Cisco Bug IDs: CSCvc71674. | ||||
| CVE-2017-5789 | 1 Hp | 2 Loadrunner, Performance Center | 2025-04-20 | N/A |
| HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow. | ||||
| CVE-2016-7820 | 1 Iodata | 4 Ts-wrla, Ts-wrla Firmware, Ts-wrlp and 1 more | 2025-04-20 | N/A |
| Buffer overflow in I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to cause a denial-of-service (DoS) or execute arbitrary code via unspecified vectors. | ||||
| CVE-2016-9679 | 1 Citrix | 1 Provisioning Services | 2025-04-20 | N/A |
| Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code by overwriting a function pointer. | ||||