Search Results (9721 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-3631 1 Libtiff 1 Libtiff 2025-04-12 N/A
The (1) cpStrips and (2) cpTiles functions in the thumbnail tool in LibTIFF 4.0.6 and earlier allow remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the bytecounts[] array variable.
CVE-2016-9777 1 Linux 1 Linux Kernel 2025-04-12 7.8 High
KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h.
CVE-2016-3633 1 Libtiff 1 Libtiff 2025-04-12 N/A
The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the src variable.
CVE-2016-3658 1 Libtiff 1 Libtiff 2025-04-12 N/A
The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving the ma variable.
CVE-2016-3713 1 Linux 1 Linux Kernel 2025-04-12 N/A
The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvm_arch_vcpu data structure, and consequently obtain sensitive information or cause a denial of service (system crash), via a crafted ioctl call.
CVE-2016-3712 6 Canonical, Citrix, Debian and 3 more 12 Ubuntu Linux, Xenserver, Debian Linux and 9 more 2025-04-12 5.5 Medium
Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.
CVE-2016-9555 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more 2025-04-12 9.8 Critical
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.
CVE-2016-9539 1 Libtiff 1 Libtiff 2025-04-12 N/A
tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported as MSVR 35092.
CVE-2016-9037 1 Tarantool 1 Tarantool 2025-04-12 7.5 High
An exploitable out-of-bounds array access vulnerability exists in the xrow_header_decode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's value. This can lead to an out of bounds read within the context of the server. An attacker who exploits this vulnerability can cause a denial of service vulnerability on the server.
CVE-2016-9036 1 Tarantool 1 Msgpuck 2025-04-12 7.5 High
An exploitable incorrect return value vulnerability exists in the mp_check function of Tarantool's Msgpuck library 1.0.3. A specially crafted packet can cause the mp_check function to incorrectly return success when trying to check if decoding a map16 packet will read outside the bounds of a buffer, resulting in a denial of service vulnerability.
CVE-2016-9017 1 Artifex 1 Mujs 2025-04-12 N/A
Artifex Software, Inc. MuJS before a5c747f1d40e8d6659a37a8d25f13fb5acf8e767 allows context-dependent attackers to obtain sensitive information by using the "opname in crafted JavaScript file" approach, related to an "Out-of-Bounds read" issue affecting the jsC_dumpfunction function in the jsdump.c component.
CVE-2016-6905 2 Libgd, Opensuse 3 Libgd, Leap, Opensuse 2025-04-12 N/A
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image.
CVE-2016-6891 1 Matrixssl 1 Matrixssl 2025-04-12 N/A
MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Field primitive in an X.509 certificate.
CVE-2016-6263 1 Gnu 1 Libidn 2025-04-12 N/A
The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data.
CVE-2016-6262 3 Canonical, Gnu, Opensuse 4 Ubuntu Linux, Libidn, Leap and 1 more 2025-04-12 N/A
idn in libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read, a different vulnerability than CVE-2015-8948.
CVE-2016-6261 3 Canonical, Gnu, Opensuse 3 Ubuntu Linux, Libidn, Leap 2025-04-12 N/A
The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via 64 bytes of input.
CVE-2016-6214 3 Debian, Libgd, Opensuse 3 Debian Linux, Libgd, Leap 2025-04-12 N/A
gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.
CVE-2016-6161 3 Debian, Libgd, Opensuse 3 Debian Linux, Libgd, Leap 2025-04-12 N/A
The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.
CVE-2016-6132 3 Debian, Libgd, Opensuse 3 Debian Linux, Libgd, Leap 2025-04-12 N/A
The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.
CVE-2016-4776 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2025-04-12 N/A
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4774.