Export limit exceeded: 21800 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21800 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4301 | 1 Libarchive | 1 Libarchive | 2025-04-12 | N/A |
| Stack-based buffer overflow in the parse_device function in archive_read_support_format_mtree.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a crafted mtree file. | ||||
| CVE-2016-4302 | 2 Libarchive, Redhat | 9 Libarchive, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2025-04-12 | N/A |
| Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary. | ||||
| CVE-2016-4303 | 4 Debian, Es, Novell and 1 more | 5 Debian Linux, Iperf3, Suse Package Hub For Suse Linux Enterprise and 2 more | 2025-04-12 | 9.8 Critical |
| The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow. | ||||
| CVE-2016-4330 | 1 Hdfgroup | 1 Hdf5 | 2025-04-12 | N/A |
| In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated for it, a heap-based buffer overflow will occur, potentially leading to arbitrary code execution. | ||||
| CVE-2016-4331 | 1 Hdfgroup | 1 Hdf5 | 2025-04-12 | N/A |
| When decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution. | ||||
| CVE-2016-4333 | 1 Hdfgroup | 1 Hdf5 | 2025-04-12 | N/A |
| The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the array when initializing it. | ||||
| CVE-2016-4344 | 1 Php | 1 Php | 2025-04-12 | 9.8 Critical |
| Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long argument to the utf8_encode function, leading to a heap-based buffer overflow. | ||||
| CVE-2016-4345 | 1 Php | 1 Php | 2025-04-12 | 9.8 Critical |
| Integer overflow in the php_filter_encode_url function in ext/filter/sanitizing_filters.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow. | ||||
| CVE-2016-4346 | 2 Opensuse, Php | 3 Leap, Opensuse, Php | 2025-04-12 | 9.8 Critical |
| Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow. | ||||
| CVE-2016-4429 | 3 Canonical, Gnu, Opensuse | 4 Ubuntu Linux, Glibc, Leap and 1 more | 2025-04-12 | 5.9 Medium |
| Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets. | ||||
| CVE-2016-4441 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2025-04-12 | 6.0 Medium |
| The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command. | ||||
| CVE-2016-4454 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2025-04-12 | 6.0 Medium |
| The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read. | ||||
| CVE-2016-4463 | 3 Apache, Debian, Redhat | 4 Xerces-c\+\+, Debian Linux, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD. | ||||
| CVE-2016-1839 | 6 Apple, Canonical, Debian and 3 more | 16 Iphone Os, Mac Os X, Tvos and 13 more | 2025-04-12 | N/A |
| The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. | ||||
| CVE-2016-1838 | 6 Apple, Canonical, Debian and 3 more | 16 Iphone Os, Mac Os X, Tvos and 13 more | 2025-04-12 | N/A |
| The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. | ||||
| CVE-2015-0982 | 1 Schneider-electric | 1 Pelco Ds-nv | 2025-04-12 | N/A |
| Buffer overflow in an unspecified DLL in Schneider Electric Pelco DS-NVs before 7.8.90 allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2016-4537 | 4 Fedoraproject, Opensuse, Php and 1 more | 4 Fedora, Leap, Php and 1 more | 2025-04-12 | N/A |
| The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call. | ||||
| CVE-2016-4538 | 4 Fedoraproject, Opensuse, Php and 1 more | 4 Fedora, Leap, Php and 1 more | 2025-04-12 | N/A |
| The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the _zero_, _one_, or _two_ global variable, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call. | ||||
| CVE-2016-4539 | 4 Fedoraproject, Opensuse, Php and 1 more | 4 Fedora, Leap, Php and 1 more | 2025-04-12 | N/A |
| The xml_parse_into_struct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other impact via crafted XML data in the second argument, leading to a parser level of zero. | ||||
| CVE-2016-4540 | 4 Fedoraproject, Opensuse, Php and 1 more | 4 Fedora, Leap, Php and 1 more | 2025-04-12 | N/A |
| The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset. | ||||