Total
14282 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-12141 | 1 Ytnef Project | 1 Ytnef | 2025-04-20 | N/A |
| In ytnef 1.9.2, a heap-based buffer overflow vulnerability was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file. | ||||
| CVE-2015-9025 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE application. | ||||
| CVE-2017-12433 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadPESImage in coders/pes.c, which allows attackers to cause a denial of service, related to ResizeMagickMemory in memory.c. | ||||
| CVE-2017-12911 | 1 Mp3gain | 1 Mp3gain | 2025-04-20 | N/A |
| The "apetag.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a stack memory corruption when opening a crafted MP3 file. | ||||
| CVE-2017-11935 | 1 Microsoft | 1 Office | 2025-04-20 | N/A |
| Microsoft Office 2016 Click-to-Run (C2R) allows a remote code execution vulnerability due to the way files are handled in memory, aka "Microsoft Excel Remote Code Execution Vulnerability". | ||||
| CVE-2016-8677 | 3 Debian, Imagemagick, Opensuse | 3 Debian Linux, Imagemagick, Opensuse | 2025-04-20 | 8.8 High |
| The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure. | ||||
| CVE-2016-8683 | 3 Debian, Graphicsmagick, Opensuse | 3 Debian Linux, Graphicsmagick, Opensuse | 2025-04-20 | N/A |
| The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file." | ||||
| CVE-2016-8699 | 1 Potrace Project | 1 Potrace | 2025-04-20 | N/A |
| Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703. | ||||
| CVE-2016-8701 | 1 Potrace Project | 1 Potrace | 2025-04-20 | N/A |
| Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8702, and CVE-2016-8703. | ||||
| CVE-2016-8702 | 1 Potrace Project | 1 Potrace | 2025-04-20 | N/A |
| Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, and CVE-2016-8703. | ||||
| CVE-2017-11918 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2025-04-20 | N/A |
| ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, and CVE-2017-11930. | ||||
| CVE-2017-11911 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2025-04-20 | N/A |
| ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. | ||||
| CVE-2016-7656 | 1 Apple | 4 Icloud, Iphone Os, Itunes and 1 more | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||
| CVE-2017-16526 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2025-04-20 | 7.8 High |
| drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device. | ||||
| CVE-2015-9062 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an ELF file. | ||||
| CVE-2017-8073 | 2 Debian, Weechat | 2 Debian Linux, Weechat | 2025-04-20 | N/A |
| WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function during quote removal, with a buffer overflow. | ||||
| CVE-2016-8998 | 1 Ibm | 1 Tivoli Storage Manager | 2025-04-20 | N/A |
| IBM Tivoli Storage Manager Server 7.1 could allow an authenticated user with TSM administrator privileges to cause a buffer overflow using a specially crafted SQL query and execute arbitrary code on the server. IBM Reference #: 1998747. | ||||
| CVE-2016-9011 | 1 Wvware | 1 Libwmf | 2025-04-20 | N/A |
| The wmf_malloc function in api.c in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (application crash) via a crafted wmf file, which triggers a memory allocation failure. | ||||
| CVE-2015-9071 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in a TrustZone syscall. | ||||
| CVE-2016-9298 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted image. | ||||