Search Results (46117 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-9675 2 Redhat, Uclouvain 5 Enterprise Linux, Enterprise Linux For Ibm Z Systems, Enterprise Linux For Power Big Endian and 2 more 2025-04-12 7.8 High
openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code.
CVE-2015-8027 1 Nodejs 1 Node.js 2025-04-12 N/A
Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (uncaughtException and service outage) via a pipelined HTTP request.
CVE-2015-8028 1 Sap 1 3d Visual Enterprise Viewer 2025-04-12 N/A
Multiple buffer overflows in SAP 3D Visual Enterprise Viewer (VEV) allow remote attackers to execute arbitrary code via a crafted (1) 3DM or (2) Flic Animation file.
CVE-2015-8029 1 Sap 1 3d Visual Enterprise Viewer 2025-04-12 N/A
SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers to execute arbitrary code via a crafted Filmbox document, which triggers memory corruption.
CVE-2015-8030 1 Sap 1 3d Visual Enterprise Viewer 2025-04-12 N/A
SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers to execute arbitrary code via a crafted (1) U3D, (2) LWO, (3) JPEG2000, or (4) FBX file, aka "Out-Of-Bounds Indexing" vulnerabilities.
CVE-2014-1746 1 Google 1 Chrome 2025-04-12 N/A
The InMemoryUrlProtocol::Read function in media/filters/in_memory_url_protocol.cc in Google Chrome before 35.0.1916.114 relies on an insufficiently large integer data type, which allows remote attackers to cause a denial of service (out-of-bounds read) via vectors that trigger use of a large buffer.
CVE-2015-8041 2 Opensuse, W1.fi 3 Opensuse, Hostapd, Wpa Supplicant 2025-04-12 N/A
Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read.
CVE-2015-8045 6 Adobe, Apple, Google and 3 more 10 Air, Air Sdk, Air Sdk \& Compiler and 7 more 2025-04-12 N/A
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455.
CVE-2015-8047 6 Adobe, Apple, Google and 3 more 10 Air, Air Sdk, Air Sdk \& Compiler and 7 more 2025-04-12 N/A
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455.
CVE-2015-8636 6 Adobe, Apple, Google and 3 more 10 Air, Air Sdk, Air Sdk \& Compiler and 7 more 2025-04-12 N/A
Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8459, CVE-2015-8460, and CVE-2015-8645.
CVE-2015-8659 2 Apple, Nghttp2 5 Iphone Os, Mac Os X, Tvos and 2 more 2025-04-12 N/A
The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.
CVE-2015-8645 6 Adobe, Apple, Google and 3 more 10 Air, Air Sdk, Air Sdk \& Compiler and 7 more 2025-04-12 N/A
Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8459, CVE-2015-8460, and CVE-2015-8636.
CVE-2014-1744 1 Google 1 Chrome 2025-04-12 N/A
Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.
CVE-2015-8661 1 Ffmpeg 1 Ffmpeg 2025-04-12 N/A
The h264_slice_header_init function in libavcodec/h264_slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number of threads and the number of slices, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted H.264 data.
CVE-2015-8662 1 Ffmpeg 1 Ffmpeg 2025-04-12 N/A
The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before proceeding with Discrete Wavelet Transform decoding, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data.
CVE-2015-8663 1 Ffmpeg 1 Ffmpeg 2025-04-12 N/A
The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .mov file.
CVE-2015-8665 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2025-04-12 N/A
tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via the SamplesPerPixel tag in a TIFF image.
CVE-2015-8668 3 Libtiff, Oracle, Redhat 6 Libtiff, Linux, Vm Server and 3 more 2025-04-12 9.8 Critical
Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image.
CVE-2015-8672 1 Huawei 5 Te30, Te40, Te50 and 2 more 2025-04-12 N/A
The presentation transmission permission management mechanism in Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing endpoints with software before V100R001C10SPC100 allows remote attackers to cause a denial of service (wired presentation outage) via unspecified vectors involving a wireless presentation.
CVE-2015-8676 1 Huawei 22 S2300, S2300 Firmware, S2350ei and 19 more 2025-04-12 N/A
Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and S5300LI Campus series switches with software V200R001C00 before V200R001SPH018, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; S9300, S7700, and S9700 Campus series switches with software V200R001C00 before V200R001SPH023, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; and S2300 and S3300 Campus series switches with software V100R006C05 before V100R006SPH022 allows remote attackers to cause a denial of service (memory consumption and reboot) via a large number of ICMPv6 packets.