Search Results (9720 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-9260 1 Surina 1 Soundtouch 2025-04-20 N/A
The TDStretchSSE::calcCrossCorr function in source/SoundTouch/sse_optimized.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted wav file.
CVE-2017-9227 3 Oniguruma Project, Php, Redhat 3 Oniguruma, Php, Rhel Software Collections 2025-04-20 9.8 Critical
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. Invalid handling of reg->dmin in forward_search_range() could result in an invalid pointer dereference, as an out-of-bounds read from a stack buffer.
CVE-2017-9224 3 Oniguruma Project, Php, Redhat 3 Oniguruma, Php, Rhel Software Collections 2025-04-20 9.8 Critical
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of validation and access in match_at() could result in an out-of-bounds read from a stack buffer.
CVE-2017-9223 1 Audiocoding 1 Freeware Advanced Audio Decoder 2 2025-04-20 N/A
The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
CVE-2017-9221 1 Audiocoding 1 Freeware Advanced Audio Decoder 2 2025-04-20 N/A
The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
CVE-2017-9218 1 Audiocoding 1 Freeware Advanced Audio Decoder 2 2025-04-20 N/A
The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
CVE-2017-9207 1 Entropymine 1 Imageworsener 2025-04-20 N/A
The iw_get_ui16be function in imagew-util.c:422:24 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image, related to imagew-jpeg.c.
CVE-2014-9816 1 Imagemagick 1 Imagemagick 2025-04-20 5.5 Medium
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file.
CVE-2014-9818 1 Imagemagick 1 Imagemagick 2025-04-20 5.5 Medium
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file.
CVE-2017-9206 1 Entropymine 1 Imageworsener 2025-04-20 N/A
The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image, related to imagew-jpeg.c.
CVE-2016-4796 2 Fedoraproject, Uclouvain 2 Fedora, Openjpeg 2025-04-20 N/A
Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file.
CVE-2016-5031 1 Libdwarf Project 1 Libdwarf 2025-04-20 5.5 Medium
The print_frame_inst_bytes function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVE-2017-9205 1 Entropymine 1 Imageworsener 2025-04-20 N/A
The iw_get_ui16be function in imagew-util.c:422:24 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image, related to imagew-jpeg.c.
CVE-2017-9204 1 Entropymine 1 Imageworsener 2025-04-20 N/A
The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image, related to imagew-jpeg.c.
CVE-2016-5032 1 Libdwarf Project 1 Libdwarf 2025-04-20 6.5 Medium
The dwarf_get_xu_hash_entry function in libdwarf before 20160923 allows remote attackers to cause a denial of service (crash) via a crafted file.
CVE-2017-7263 1 Potrace Project 1 Potrace 2025-04-20 N/A
The bm_readbody_bmp function in bitmap_io.c in Potrace 1.14 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8698.
CVE-2017-14407 1 Mp3gain 1 Mp3gain 2025-04-20 N/A
A stack-based buffer over-read was discovered in filterYule in gain_analysis.c in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service.
CVE-2016-10269 1 Libtiff 1 Libtiff 2025-04-20 N/A
LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 and 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 512" and libtiff/tif_unix.c:340:2.
CVE-2017-8200 1 Huawei 6 Max Presence, Max Presence Firmware, Tp3106 and 3 more 2025-04-20 N/A
MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol. An attacker logs in to the system as a user and send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot.
CVE-2016-7922 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print().