Search Results (15978 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-2894 2 Qemu, Redhat 3 Qemu, Enterprise Linux, Openstack 2025-04-12 N/A
Off-by-one error in the cmd_smart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption.
CVE-2014-0297 1 Microsoft 1 Internet Explorer 2025-04-12 N/A
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0308, CVE-2014-0312, and CVE-2014-0324.
CVE-2014-1647 1 Symantec 2 Encryption Desktop, Pgp Desktop 2025-04-12 N/A
Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop Professional 10.3.x before 10.3.2 MP1 do not properly perform block-data moves, which allows remote attackers to cause a denial of service (read access violation and application crash) via a malformed certificate.
CVE-2014-2240 1 Freetype 1 Freetype 2025-04-12 N/A
Stack-based buffer overflow in the cf2_hintmap_build function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of stem hints in a font file.
CVE-2015-8710 3 Debian, Redhat, Xmlsoft 4 Debian Linux, Enterprise Linux, Jboss Enterprise Web Server and 1 more 2025-04-12 9.8 Critical
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.
CVE-2014-9911 1 Icu-project 1 International Components For Unicode 2025-04-12 N/A
Stack-based buffer overflow in the ures_getByKeyWithFallback function in common/uresbund.cpp in International Components for Unicode (ICU) before 54.1 for C/C++ allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted uloc_getDisplayName call.
CVE-2014-8146 2 Apple, Icu-project 5 Iphone Os, Itunes, Mac Os X and 2 more 2025-04-12 N/A
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text.
CVE-2014-2309 4 Linux, Opensuse, Redhat and 1 more 4 Linux Kernel, Opensuse, Enterprise Mrg and 1 more 2025-04-12 N/A
The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets.
CVE-2016-1683 7 Canonical, Debian, Google and 4 more 11 Ubuntu Linux, Debian Linux, Chrome and 8 more 2025-04-12 N/A
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document.
CVE-2012-1317 1 Cisco 1 Ios 2025-04-12 N/A
The multicast implementation in Cisco IOS before 15.1(1)SY allows remote attackers to cause a denial of service (Route Processor crash) by sending packets at a high rate, aka Bug ID CSCts37717.
CVE-2015-2281 1 Fortinet 1 Single Sign On 2025-04-12 N/A
Stack-based buffer overflow in collectoragent.exe in Fortinet Single Sign On (FSSO) before build 164 allows remote attackers to execute arbitrary code via a large PROCESS_HELLO message to the Message Dispatcher on TCP port 8000.
CVE-2015-2110 1 Hp 1 Loadrunner 2025-04-12 N/A
Buffer overflow in HP LoadRunner 11.52 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2016-4609 5 Apple, Debian, Fedoraproject and 2 more 10 Icloud, Iphone Os, Itunes and 7 more 2025-04-12 9.8 Critical
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4610, and CVE-2016-4612.
CVE-2016-8817 2 Microsoft, Nvidia 2 Windows, Gpu Driver 2025-04-12 N/A
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a value passed from a user to the driver is used without validation as the size input to memcpy(), causing a buffer overflow, leading to denial of service or potential escalation of privileges.
CVE-2016-4622 1 Apple 3 Iphone Os, Safari, Tvos 2025-04-12 N/A
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4623, and CVE-2016-4624.
CVE-2011-2592 1 Citrix 1 Access Gateway Plug-in 2025-04-12 N/A
Heap-based buffer overflow in the StartEpa method in the nsepacom ActiveX control (nsepa.exe) in Citrix Access Gateway Enterprise Edition Plug-in for Windows 9.x before 9.3-57.5 and 10.0 before 10.0-69.4 allows remote attackers to execute arbitrary code via a long CSEC HTTP response header.
CVE-2011-3623 1 Videolan 1 Vlc Media Player 2025-04-12 N/A
Multiple stack-based buffer overflows in VideoLAN VLC media player before 1.0.2 allow remote attackers to execute arbitrary code via (1) a crafted ASF file, related to the ASF_ObjectDumpDebug function in modules/demux/asf/libasf.c; (2) a crafted AVI file, related to the AVI_ChunkDumpDebug_level function in modules/demux/avi/libavi.c; or (3) a crafted MP4 file, related to the __MP4_BoxDumpStructure function in modules/demux/mp4/libmp4.c.
CVE-2011-3625 2 Mplayer2, Ricardo Villalba 2 Mplayer2, Smplayer 2025-04-12 N/A
Stack-based buffer overflow in the sub_read_line_sami function in subreader.c in MPlayer, as used in SMPlayer 0.6.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a SAMI subtitle file.
CVE-2012-0273 1 Hans Alshoff 1 Minalic 2025-04-12 N/A
Multiple stack-based buffer overflows in MinaliC 2.0.0 allow remote attackers to execute arbitrary code via a (1) session_id cookie in a request to the get_cookie_value function in response.c, (2) directory name in a request to the add_default_file function in response.c, or (3) file name in a request to the retrieve_physical_file_name_or_brows function in response.c.
CVE-2012-4886 1 Kingsoft 1 Office 2012 2025-04-12 N/A
Stack-based buffer overflow in wpsio.dll in Kingsoft WPS Office 2012 possibly 8.1.0.3238 allows remote attackers to execute arbitrary code via a long BSTR string.