Total
14282 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-11358 | 2 Debian, Sound Exchange Project | 2 Debian Linux, Sound Exchange | 2025-04-20 | N/A |
| The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file. | ||||
| CVE-2017-9163 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | N/A |
| libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in pxl-outline.c:106:54. | ||||
| CVE-2017-12823 | 1 Kaspersky | 1 Embedded Systems Security | 2025-04-20 | N/A |
| Kernel pool memory corruption in one of drivers in Kaspersky Embedded Systems Security version 1.2.0.300 leads to local privilege escalation. | ||||
| CVE-2017-9160 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | N/A |
| libautotrace.a in AutoTrace 0.31.1 has a stack-based buffer overflow in the pnmscanner_gettoken function in input-pnm.c:458:12. | ||||
| CVE-2017-15221 | 1 Asx To Mp3 Converter Project | 1 Asx To Mp3 Converter | 2025-04-20 | 7.8 High |
| ASX to MP3 converter 3.1.3.7.2010.11.05 has a buffer overflow via a crafted M3U file, a related issue to CVE-2009-1324. | ||||
| CVE-2015-7292 | 1 Amazon | 1 Fire Os | 2025-04-20 | N/A |
| Stack-based buffer overflow in the havok_write function in drivers/staging/havok/havok.c in Amazon Fire OS before 2016-01-15 allows attackers to cause a denial of service (panic) or possibly have unspecified other impact via a long string to /dev/hv. | ||||
| CVE-2017-15372 | 2 Debian, Sound Exchange Project | 2 Debian Linux, Sound Exchange | 2025-04-20 | N/A |
| There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file. | ||||
| CVE-2016-6830 | 1 Call-cc | 1 Chicken | 2025-04-20 | N/A |
| The "process-execute" and "process-spawn" procedures in CHICKEN Scheme used fixed-size buffers for holding the arguments and environment variables to use in its execve() call. This would allow user-supplied argument/environment variable lists to trigger a buffer overrun. This affects all releases of CHICKEN up to and including 4.11 (it will be fixed in 4.12 and 5.0, which are not yet released). | ||||
| CVE-2016-6832 | 1 Libav | 1 Libav | 2025-04-20 | N/A |
| Heap-based buffer overflow in the ff_audio_resample function in resample.c in libav before 11.4 allows remote attackers to cause a denial of service (crash) via vectors related to buffer resizing. | ||||
| CVE-2014-9981 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an overflow check in the USB interface was insufficient during boot. | ||||
| CVE-2016-6920 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-20 | N/A |
| Heap-based buffer overflow in the decode_block function in libavcodec/exr.c in FFmpeg before 3.1.3 allows remote attackers to cause a denial of service (application crash) via vectors involving tile positions. | ||||
| CVE-2014-9979 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a variable is uninitialized in a TrustZone system call potentially leading to the compromise of secure memory. | ||||
| CVE-2014-9978 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE service. | ||||
| CVE-2014-9977 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in PlayReady DRM. | ||||
| CVE-2017-3870 | 1 Cisco | 1 Web Security Appliance | 2025-04-20 | N/A |
| A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA), both virtual and hardware appliances, that are configured with URL filters for email scanning. More Information: CSCvc69700. Known Affected Releases: 8.5.3-069 9.1.1-074 9.1.2-010. | ||||
| CVE-2017-3860 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-20 | N/A |
| Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. These vulnerabilities are due to improper parsing of crafted EnergyWise packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted EnergyWise packets to be processed by an affected device. An exploit could allow the attacker to cause a buffer overflow condition or a reload of the affected device, leading to a DoS condition. Cisco IOS Software and Cisco IOS XE Software support EnergyWise for IPv4 communication. Only IPv4 packets destined to a device configured as an EnergyWise domain member can trigger these vulnerabilities. IPv6 packets cannot be used to trigger these vulnerabilities. Cisco Bug ID CSCur29331. | ||||
| CVE-2015-2868 | 1 Trane | 1 Comfortlink Ii Firmware | 2025-04-20 | N/A |
| An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting in arbitrary code execution. | ||||
| CVE-2017-12983 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | ||||
| CVE-2017-6187 | 1 Disksavvy | 1 Disksavvy Enterprise | 2025-04-20 | N/A |
| Buffer overflow in the built-in web server in DiskSavvy Enterprise 9.4.18 allows remote attackers to execute arbitrary code via a long URI in a GET request. | ||||
| CVE-2017-16531 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 6.6 Medium |
| drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to the USB_DT_INTERFACE_ASSOCIATION descriptor. | ||||