Export limit exceeded: 21758 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21758 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-5611 | 4 Linux, Mariadb, Oracle and 1 more | 4 Linux Kernel, Mariadb, Mysql and 1 more | 2025-04-11 | N/A |
| Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command. | ||||
| CVE-2013-4458 | 3 Gnu, Redhat, Suse | 4 Glibc, Enterprise Linux, Linux Enterprise Debuginfo and 1 more | 2025-04-11 | N/A |
| Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914. | ||||
| CVE-2012-5581 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-11 | N/A |
| Stack-based buffer overflow in tif_dir.c in LibTIFF before 4.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DOTRANGE tag in a TIFF image. | ||||
| CVE-2012-5576 | 2 Gimp, Redhat | 2 Gimp, Enterprise Linux | 2025-04-11 | N/A |
| Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.8.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large (1) red, (2) green, or (3) blue color mask in an XWD file. | ||||
| CVE-2010-2642 | 3 Redhat, T1lib, Tug | 4 Enterprise Linux, Evince, T1lib and 1 more | 2025-04-11 | N/A |
| Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer. | ||||
| CVE-2010-3855 | 2 Freetype, Redhat | 2 Freetype, Enterprise Linux | 2025-04-11 | N/A |
| Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font. | ||||
| CVE-2013-6462 | 2 Redhat, X | 2 Enterprise Linux, Libxfont | 2025-04-11 | N/A |
| Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in a character name in a BDF font file. | ||||
| CVE-2013-4391 | 2 Debian, Systemd Project | 2 Debian Linux, Systemd | 2025-04-11 | N/A |
| Integer overflow in the valid_user_field function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow. | ||||
| CVE-2010-2492 | 4 Avaya, Linux, Redhat and 1 more | 10 Aura Communication Manager, Aura Presence Services, Aura Session Manager and 7 more | 2025-04-11 | 7.8 High |
| Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors. | ||||
| CVE-2011-1455 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 11.0.696.57 does not properly handle PDF documents with multipart encoding, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. | ||||
| CVE-2012-1136 | 3 Freetype, Mozilla, Redhat | 3 Freetype, Firefox Mobile, Enterprise Linux | 2025-04-11 | N/A |
| FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field. | ||||
| CVE-2012-1144 | 3 Freetype, Mozilla, Redhat | 3 Freetype, Firefox Mobile, Enterprise Linux | 2025-04-11 | N/A |
| FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font. | ||||
| CVE-2010-4643 | 2 Apache, Redhat | 2 Openoffice, Enterprise Linux | 2025-04-11 | N/A |
| Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file in an ODF or Microsoft Office document. | ||||
| CVE-2012-3995 | 4 Canonical, Mozilla, Redhat and 1 more | 13 Ubuntu Linux, Firefox, Seamonkey and 10 more | 2025-04-11 | N/A |
| The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2011-1445 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 11.0.696.57 does not properly handle SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2011-1750 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2025-04-11 | N/A |
| Multiple heap-based buffer overflows in the virtio-blk driver (hw/virtio-blk.c) in qemu-kvm 0.14.0 allow local guest users to cause a denial of service (guest crash) and possibly gain privileges via a (1) write request to the virtio_blk_handle_write function or (2) read request to the virtio_blk_handle_read function that is not properly aligned. | ||||
| CVE-2011-1761 | 1 Konstanty Bialkowski | 1 Libmodplug | 2025-04-11 | N/A |
| Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in src/load_abc.cpp in libmodplug before 0.8.8.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ABC file. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2023-36824 | 2 Fedoraproject, Redis | 2 Fedora, Redis | 2025-04-10 | 7.4 High |
| Redis is an in-memory database that persists on disk. In Redit 7.0 prior to 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Several scenarios that may lead to authenticated users executing a specially crafted `COMMAND GETKEYS` or `COMMAND GETKEYSANDFLAGS`and authenticated users who were set with ACL rules that match key names, executing a specially crafted command that refers to a variadic list of key names. The vulnerability is patched in Redis 7.0.12. | ||||
| CVE-2022-40656 | 1 Nikon | 1 Nis-elements Viewer | 2025-04-10 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 13.2.0.21165. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ND2 files. Crafted data in a ND2 file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15072. | ||||
| CVE-2022-42267 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2025-04-10 | 7 High |
| NVIDIA GPU Display Driver for Windows contains a vulnerability where a regular user can cause an out-of-bounds read, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | ||||