Export limit exceeded: 14324 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14324 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-27802 | 1 Upx | 1 Upx | 2025-04-11 | 5.5 Medium |
| An floating point exception was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file. | ||||
| CVE-2021-43312 | 1 Upx | 1 Upx | 2025-04-11 | 7.5 High |
| A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf64::invert_pt_dynamic at p_lx_elf.cpp:5239. | ||||
| CVE-2020-27798 | 1 Upx | 1 Upx | 2025-04-11 | 5.5 Medium |
| An invalid memory address reference was discovered in the adjABS function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file. | ||||
| CVE-2021-43316 | 1 Upx | 1 Upx | 2025-04-11 | 7.5 High |
| A heap-based buffer overflow was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le64(). | ||||
| CVE-2021-43317 | 1 Upx | 1 Upx | 2025-04-11 | 7.5 High |
| A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf64::elf_lookup() at p_lx_elf.cpp:5404 | ||||
| CVE-2020-27797 | 1 Upx | 1 Upx | 2025-04-11 | 5.5 Medium |
| An invalid memory address reference was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file. | ||||
| CVE-2020-27787 | 1 Upx | 1 Upx | 2025-04-11 | 5.5 Medium |
| A Segmentaation fault was found in UPX in invert_pt_dynamic() function in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service. | ||||
| CVE-2020-27799 | 1 Upx | 1 Upx | 2025-04-11 | 7.8 High |
| A heap-based buffer over-read was discovered in the acc_ua_get_be32 function in miniacc.h in UPX 4.0.0 via a crafted Mach-O file. | ||||
| CVE-2020-27800 | 1 Upx | 1 Upx | 2025-04-11 | 7.8 High |
| A heap-based buffer over-read was discovered in the get_le32 function in bele.h in UPX 4.0.0 via a crafted Mach-O file. | ||||
| CVE-2021-43314 | 1 Upx | 1 Upx | 2025-04-11 | 7.5 High |
| A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5368 | ||||
| CVE-2020-27801 | 1 Upx | 1 Upx | 2025-04-11 | 7.8 High |
| A heap-based buffer over-read was discovered in the get_le64 function in bele.h in UPX 4.0.0 via a crafted Mach-O file. | ||||
| CVE-2021-43315 | 1 Upx | 1 Upx | 2025-04-11 | 7.5 High |
| A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5349 | ||||
| CVE-2021-43311 | 1 Upx | 1 Upx | 2025-04-11 | 7.5 High |
| A heap-based buffer overflow was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5382. | ||||
| CVE-2011-0614 | 1 Adobe | 1 Audition | 2025-04-11 | N/A |
| Buffer overflow in Adobe Audition 3.0.1 and earlier allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Audition Session (aka .ses) file. | ||||
| CVE-2010-2539 | 2 Osgeo, Umn | 2 Mapserver, Mapserver | 2025-04-11 | N/A |
| Buffer overflow in the msTmpFile function in maputil.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 allows local users to cause a denial of service via vectors involving names of temporary files. | ||||
| CVE-2010-2959 | 5 Debian, Fedoraproject, Linux and 2 more | 8 Debian Linux, Fedora, Linux Kernel and 5 more | 2025-04-11 | N/A |
| Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of service (system crash) via crafted CAN traffic. | ||||
| CVE-2012-3678 | 1 Apple | 1 Safari | 2025-04-11 | N/A |
| WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | ||||
| CVE-2011-4185 | 2 Microsoft, Novell | 2 Windows, Iprint | 2025-04-11 | N/A |
| The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2008-2431 and CVE-2008-2436. | ||||
| CVE-2014-0290 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | N/A |
| Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0267 and CVE-2014-0289. | ||||
| CVE-2010-1797 | 2 Apple, Redhat | 2 Iphone Os, Enterprise Linux | 2025-04-11 | N/A |
| Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. NOTE: some of these details are obtained from third party information. | ||||