Search Results (1244 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-9266 1 Libming 1 Libming 2025-04-20 N/A
listmp3.c in libming 0.4.7 allows remote attackers to unspecified impact via a crafted mp3 file, which triggers an invalid left shift.
CVE-2016-7513 1 Imagemagick 1 Imagemagick 2025-04-20 6.5 Medium
Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors.
CVE-2016-9961 5 Fedoraproject, Game-music-emu Project, Novell and 2 more 7 Fedora, Game-music-emu, Suse Linux Enterprise Desktop and 4 more 2025-04-20 N/A
game-music-emu before 0.6.1 mishandles unspecified integer values.
CVE-2015-4626 1 Treasuryxpress 1 C2box 2025-04-20 N/A
B.A.S C2Box before 4.0.0 (r19171) relies on client-side validation, which allows remote attackers to "corrupt the business logic" via a negative value in an overdraft.
CVE-2016-9820 1 Libav 1 Libav 2025-04-20 N/A
libavcodec/mpegvideo_motion.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
CVE-2015-9002 1 Google 1 Android 2025-04-20 N/A
In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
CVE-2016-9825 1 Libav 1 Libav 2025-04-20 N/A
libswscale/utils.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
CVE-2014-9915 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM profile.
CVE-2016-9826 1 Libav 1 Libav 2025-04-20 N/A
libavcodec/ituh263dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
CVE-2016-5241 3 Debian, Graphicsmagick, Opensuse 4 Debian Linux, Graphicsmagick, Leap and 1 more 2025-04-20 N/A
magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.
CVE-2016-9819 1 Libav 1 Libav 2025-04-20 N/A
libavcodec/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
CVE-2014-9924 1 Google 1 Android 2025-04-20 N/A
In 1x in all Android releases from CAF using the Linux kernel, a Signed to Unsigned Conversion Error could potentially occur.
CVE-2016-5224 2 Google, Redhat 2 Chrome, Rhel Extras 2025-04-20 N/A
A timing attack on denormalized floating point arithmetic in SVG filters in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page.
CVE-2022-3970 5 Apple, Debian, Libtiff and 2 more 8 Ipados, Iphone Os, Macos and 5 more 2025-04-15 6.3 Medium
A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 227500897dfb07fb7d27f7aa570050e62617e3be. It is recommended to apply a patch to fix this issue. The identifier VDB-213549 was assigned to this vulnerability.
CVE-2022-4202 1 Gpac 1 Gpac 2025-04-15 6.3 Medium
A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec.c. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is b3d821c4ae9ba62b3a194d9dcb5e99f17bd56908. It is recommended to apply a patch to fix this issue. VDB-214518 is the identifier assigned to this vulnerability.
CVE-2015-3827 1 Google 1 Android 2025-04-12 N/A
The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not validate the relationship between chunk sizes and skip sizes, which allows remote attackers to execute arbitrary code or cause a denial of service (integer underflow and memory corruption) via crafted MPEG-4 covr atoms, aka internal bug 20923261.
CVE-2015-4067 1 Dell 1 Netvault Backup 2025-04-12 N/A
Integer overflow in the libnv6 module in Dell NetVault Backup before 10.0.5 allows remote attackers to execute arbitrary code via crafted template string specifiers in a serialized object, which triggers a heap-based buffer overflow.
CVE-2014-2386 2 Icinga, Opensuse 2 Icinga, Opensuse 2025-04-12 N/A
Multiple off-by-one errors in Icinga, possibly 1.10.2 and earlier, allow remote attackers to cause a denial of service (crash) via unspecified vectors to the (1) display_nav_table, (2) print_export_link, (3) page_num_selector, or (4) page_limit_selector function in cgi/cgiutils.c or (5) status_page_num_selector function in cgi/status.c, which triggers a stack-based buffer overflow.
CVE-2010-5075 1 Avast\! 1 Avast\! Internet Security 2025-04-12 N/A
Integer overflow in aswFW.sys 5.0.594.0 in Avast! Internet Security 5.0 Korean Trial allows local users to cause a denial of service (memory corruption and panic) via a crafted IOCTL_ASWFW_COMM_PIDINFO_RESULTS DeviceIoControl request to \\.\aswFW.
CVE-2010-5109 2 Fedoraproject, Randall Hand 2 Fedora, Yerase\'s Tnef Stream Reader 2025-04-12 N/A
Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to cause a denial of service (crash) via a crafted TNEF file, which triggers a buffer overflow.