Export limit exceeded: 363719 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (3823 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-5158 3 Google, Opensuse, Redhat 4 Chrome, Leap, Enterprise Linux and 1 more 2025-04-12 N/A
Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data.
CVE-2016-5159 3 Google, Opensuse, Redhat 4 Chrome, Leap, Enterprise Linux and 1 more 2025-04-12 N/A
Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during opj_aligned_malloc calls in dwt.c and t1.c.
CVE-2016-5690 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2025-04-12 N/A
The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.
CVE-2016-5769 1 Php 1 Php 2025-04-12 N/A
Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted length value, related to the (1) mcrypt_generic and (2) mdecrypt_generic functions.
CVE-2016-5770 4 Debian, Opensuse, Php and 1 more 5 Debian Linux, Leap, Opensuse and 2 more 2025-04-12 9.8 Critical
Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096.
CVE-2016-5767 3 Libgd, Php, Redhat 4 Libgd, Php, Enterprise Linux and 1 more 2025-04-12 N/A
Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions.
CVE-2016-5841 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2025-04-12 N/A
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.
CVE-2016-5844 3 Libarchive, Oracle, Redhat 11 Libarchive, Linux, Solaris and 8 more 2025-04-12 N/A
Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.
CVE-2016-9031 1 Joyent 1 Smartos 2025-04-12 7.8 High
An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with 32-bit file systems. An attacker can craft an input that can cause a kernel panic and potentially be leveraged into a full privilege escalation vulnerability. This vulnerability is distinct from CVE-2016-8733.
CVE-2016-9083 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt 2025-04-12 7.8 High
drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a "state machine confusion bug."
CVE-2016-9084 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt 2025-04-12 N/A
drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.
CVE-2016-9104 3 Debian, Opensuse, Qemu 3 Debian Linux, Leap, Qemu 2025-04-12 4.4 Medium
Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via a crafted offset, which triggers an out-of-bounds access.
CVE-2016-9189 2 Debian, Python 2 Debian Linux, Pillow 2025-04-12 N/A
Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Integer Overflow" issue affecting the Image.core.map_buffer in map.c component.
CVE-2016-9793 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more 2025-04-12 7.8 High
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.
CVE-2016-5261 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2025-04-12 N/A
Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.
CVE-2015-4480 4 Canonical, Mozilla, Opensuse and 1 more 4 Ubuntu Linux, Firefox, Opensuse and 1 more 2025-04-12 N/A
Integer overflow in the stagefright::SampleTable::isValid function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via crafted MPEG-4 video data with H.264 encoding.
CVE-2016-4472 4 Canonical, Libexpat Project, Mcafee and 1 more 4 Ubuntu Linux, Libexpat, Policy Auditor and 1 more 2025-04-12 8.1 High
The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716.
CVE-2016-4009 1 Python 1 Pillow 2025-04-12 N/A
Integer overflow in the ImagingResampleHorizontal function in libImaging/Resample.c in Pillow before 3.1.1 allows remote attackers to have unspecified impact via negative values of the new size, which triggers a heap-based buffer overflow.
CVE-2016-3945 3 Libtiff, Oracle, Redhat 3 Libtiff, Vm Server, Enterprise Linux 2025-04-12 N/A
Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image, which triggers an out-of-bounds write.
CVE-2016-3935 1 Google 1 Android 2025-04-12 N/A
Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29999665 and Qualcomm internal bug CR 1046507.