Total
14249 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-15804 | 2 Gnu, Redhat | 2 Glibc, Enterprise Linux | 2025-04-20 | N/A |
| The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator. | ||||
| CVE-2017-12786 | 1 Noviflow | 1 Noviware | 2025-04-20 | N/A |
| Network interfaces of the cliengine and noviengine services, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. This could be leveraged by remote, unauthenticated attackers to gain resultant privileged (root) code execution on the switch, because there is a stack-based buffer overflow during unserialization of packet data. | ||||
| CVE-2017-5358 | 1 Easycom-aura | 1 Easycom For Php | 2025-04-20 | N/A |
| Stack-based buffer overflows in php_Easycom5_3_0.dll in EasyCom for PHP 4.0.0.29 allows remote attackers to execute arbitrary code via the server argument to the (1) i5_connect, (2) i5_pconnect, or (3) i5_private_connect API function. | ||||
| CVE-2017-2276 | 1 Sony | 2 Wg-c10, Wg-c10 Firmware | 2025-04-20 | N/A |
| Buffer overflow in WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary commands via unspecified vectors. | ||||
| CVE-2017-15250 | 1 Irfanview | 2 Irfanview, Pdf | 2025-04-20 | N/A |
| IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access Violation starting at PDF!xmlParserInputRead+0x0000000000132e19." | ||||
| CVE-2017-15242 | 1 Irfanview | 2 Irfanview, Pdf | 2025-04-20 | N/A |
| IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "User Mode Write AV starting at PDF!xmlGetGlobalState+0x0000000000031abe." | ||||
| CVE-2015-0786 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-20 | N/A |
| Stack-based buffer overflow in the logging functionality in the Preboot Policy service in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2017-15220 | 1 Flexense | 1 Vx Search | 2025-04-20 | N/A |
| Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring. This allows remote attackers to execute arbitrary code. | ||||
| CVE-2015-0689 | 1 Cisco | 1 Cloud Web Security | 2025-04-20 | N/A |
| Cisco Cloud Web Security before 3.0.1.7 allows remote attackers to bypass intended filtering protection mechanisms by leveraging improper handling of HTTP methods, aka Bug ID CSCut69743. | ||||
| CVE-2015-3450 | 1 Aspl | 1 Libaxl | 2025-04-20 | N/A |
| Heap-based buffer overflow in libaxl 0.6.9 allows attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted XML document. | ||||
| CVE-2017-5119 | 3 Debian, Google, Redhat | 3 Debian Linux, Chrome, Rhel Extras | 2025-04-20 | N/A |
| Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | ||||
| CVE-2017-7679 | 2 Apache, Redhat | 5 Http Server, Enterprise Linux, Jboss Core Services and 2 more | 2025-04-20 | N/A |
| In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header. | ||||
| CVE-2017-8798 | 1 Miniupnp Project | 1 Miniupnpd | 2025-04-20 | N/A |
| Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact. | ||||
| CVE-2017-14631 | 1 Sam2p Project | 1 Sam2p | 2025-04-20 | N/A |
| In sam2p 0.49.3, the pcxLoadRaster function in in_pcx.cpp has an integer signedness error leading to a heap-based buffer overflow. | ||||
| CVE-2015-1783 | 2 Entrouvert, Fedoraproject | 2 Lasso, Fedora | 2025-04-20 | N/A |
| The prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service (uninitialized memory access and application crash) via unspecified vectors. | ||||
| CVE-2015-4422 | 1 Huawei | 2 Mate 7, Mate 7 Firmware | 2025-04-20 | N/A |
| The TEEOS module in Huawei Mate 7 (Mate7-TL10) smartphones before V100R001CHNC00B126SP03 allows local users with root permissions to gain privileges or cause a denial of service (memory corruption) via a crafted application. | ||||
| CVE-2015-0114 | 1 Ibm | 1 I Access For Windows | 2025-04-20 | N/A |
| Stack-based buffer overflow in IBM V5R4, and IBM i Access for Windows 6.1 and 7.1. | ||||
| CVE-2017-11358 | 2 Debian, Sound Exchange Project | 2 Debian Linux, Sound Exchange | 2025-04-20 | N/A |
| The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file. | ||||
| CVE-2014-9980 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a Sample App failed to check a length potentially leading to unauthorized access to secure memory. | ||||
| CVE-2014-9937 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In TrustZone a buffer overflow vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | ||||