Search Results (1244 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-2669 2 Postgresql, Redhat 3 Postgresql, Cloudforms Managementengine, Rhel Software Collections 2025-04-12 N/A
Multiple integer overflows in contrib/hstore/hstore_io.c in PostgreSQL 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact via vectors related to the (1) hstore_recv, (2) hstore_from_arrays, and (3) hstore_from_array functions in contrib/hstore/hstore_io.c; and the (4) hstoreArrayToPairs function in contrib/hstore/hstore_op.c, which triggers a buffer overflow. NOTE: this issue was SPLIT from CVE-2014-0064 because it has a different set of affected versions.
CVE-2014-3587 3 Christos Zoulas, Php, Redhat 4 File, Php, Enterprise Linux and 1 more 2025-04-12 N/A
Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571.
CVE-2014-3601 5 Canonical, Linux, Opensuse and 2 more 7 Ubuntu Linux, Linux Kernel, Evergreen and 4 more 2025-04-12 N/A
The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to (1) cause a denial of service (host OS memory corruption) or possibly have unspecified other impact by triggering a large gfn value or (2) cause a denial of service (host OS memory consumption) by triggering a small gfn value that leads to permanently pinned pages.
CVE-2014-4345 2 Mit, Redhat 2 Kerberos 5, Enterprise Linux 2025-04-12 N/A
Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause a denial of service (buffer overflow) or possibly execute arbitrary code via a series of "cpw -keepold" commands.
CVE-2014-4377 1 Apple 3 Iphone Os, Mac Os X, Tvos 2025-04-12 N/A
Integer overflow in CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4389 1 Apple 3 Iphone Os, Mac Os X, Tvos 2025-04-12 N/A
Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments.
CVE-2014-4481 1 Apple 3 Iphone Os, Mac Os X, Tvos 2025-04-12 N/A
Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4497 1 Apple 1 Mac Os X 2025-04-12 N/A
Integer signedness error in IOBluetoothFamily in the Bluetooth implementation in Apple OS X before 10.10 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (write to kernel memory) via a crafted app.
CVE-2014-4508 3 Canonical, Linux, Redhat 3 Ubuntu Linux, Linux Kernel, Rhel Els 2025-04-12 5.5 Medium
arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service (OOPS and system crash) via an invalid syscall number, as demonstrated by number 1000.
CVE-2014-7185 3 Apple, Python, Redhat 4 Mac Os X, Python, Enterprise Linux and 1 more 2025-04-12 N/A
Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.
CVE-2014-8118 2 Redhat, Rpm 2 Enterprise Linux, Rpm 2025-04-12 N/A
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow.
CVE-2014-8147 2 Apple, Icu-project 3 Mac Os X, Watchos, International Components For Unicode 2025-04-12 N/A
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text.
CVE-2014-8157 4 Debian, Jasper Project, Opensuse and 1 more 5 Debian Linux, Jasper, Opensuse and 2 more 2025-04-12 N/A
Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.
CVE-2014-9029 2 Jasper Project, Redhat 3 Jasper, Enterprise Linux, Rhev Manager 2025-04-12 N/A
Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow.
CVE-2015-0135 1 Ibm 1 Domino 2025-04-12 N/A
IBM Domino 8.5 before 8.5.3 FP6 IF4 and 9.0 before 9.0.1 FP3 IF2 allows remote attackers to execute arbitrary code or cause a denial of service (integer truncation and application crash) via a crafted GIF image, aka SPR KLYH9T7NT9.
CVE-2015-0261 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-12 N/A
Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value.
CVE-2015-0295 3 Digia, Fedoraproject, Opensuse 3 Qt, Fedora, Opensuse 2025-04-12 N/A
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
CVE-2015-1066 1 Apple 1 Mac Os X 2025-04-12 N/A
Off-by-one error in IOAcceleratorFamily in Apple OS X through 10.10.2 allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVE-2015-1474 1 Google 1 Android 2025-04-12 N/A
Multiple integer overflows in the GraphicBuffer::unflatten function in platform/frameworks/native/libs/ui/GraphicBuffer.cpp in Android through 5.0 allow attackers to gain privileges or cause a denial of service (memory corruption) via vectors that trigger a large number of (1) file descriptors or (2) integer values.
CVE-2015-1528 1 Google 1 Android 2025-04-12 N/A
Integer overflow in the native_handle_create function in libcutils/native_handle.c in Android before 5.1.1 LMY48M allows attackers to obtain a different application's privileges or cause a denial of service (Binder heap memory corruption) via a crafted application, aka internal bug 19334482.