Export limit exceeded: 45936 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45936 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-15240 | 1 Irfanview | 2 Irfanview, Pdf | 2025-04-20 | N/A |
| IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access Violation starting at PDF!xmlParserInputRead+0x0000000000132cef." | ||||
| CVE-2017-15241 | 1 Irfanview | 2 Irfanview, Pdf | 2025-04-20 | N/A |
| IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at PDF!xmlParserInputRead+0x00000000000929f5." | ||||
| CVE-2017-15242 | 1 Irfanview | 2 Irfanview, Pdf | 2025-04-20 | N/A |
| IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "User Mode Write AV starting at PDF!xmlGetGlobalState+0x0000000000031abe." | ||||
| CVE-2015-9025 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE application. | ||||
| CVE-2015-9028 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a cryptographic routine. | ||||
| CVE-2015-9034 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a string can fail to be null-terminated in SIP leading to a buffer overflow. | ||||
| CVE-2015-9035 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a memory buffer fails to be freed after it is no longer needed potentially resulting in memory exhaustion. | ||||
| CVE-2015-9036 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an incorrect length is used to clear a memory buffer resulting in adjacent memory getting corrupted. | ||||
| CVE-2015-9037 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read may occur in the processing of a downlink 3G NAS message. | ||||
| CVE-2015-5946 | 1 Sugarcrm | 1 Sugarcrm | 2025-04-20 | N/A |
| Incomplete blacklist vulnerability in SuiteCRM 7.2.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension. | ||||
| CVE-2015-6585 | 1 Hancom | 1 Hangul Word Processor | 2025-04-20 | N/A |
| hwpapp.dll in Hangul Word Processor allows remote attackers to execute arbitrary code via a crafted heap spray, and by leveraging a "type confusion" via an HWPX file containing a crafted para text tag. | ||||
| CVE-2016-2783 | 1 Avaya | 1 Vsp Operating System Software | 2025-04-20 | N/A |
| Avaya Fabric Connect Virtual Services Platform (VSP) Operating System Software (VOSS) before 4.2.3.0 and 5.x before 5.0.1.0 does not properly handle VLAN and I-SIS indexes, which allows remote attackers to obtain unauthorized access via crafted Ethernet frames. | ||||
| CVE-2016-2568 | 2 Freedesktop, Redhat | 2 Polkit, Enterprise Linux | 2025-04-20 | 7.8 High |
| pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. | ||||
| CVE-2015-6674 | 2 Debian, Inspircd | 2 Debian Linux, Inspircd | 2025-04-20 | N/A |
| Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836. | ||||
| CVE-2016-2147 | 3 Busybox, Canonical, Debian | 3 Busybox, Ubuntu Linux, Debian Linux | 2025-04-20 | 7.5 High |
| Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write. | ||||
| CVE-2016-2148 | 3 Busybox, Canonical, Debian | 3 Busybox, Ubuntu Linux, Debian Linux | 2025-04-20 | 9.8 Critical |
| Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing. | ||||
| CVE-2014-9927 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In UIM in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | ||||
| CVE-2014-9978 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE service. | ||||
| CVE-2016-1245 | 3 Debian, Quagga, Redhat | 3 Debian Linux, Quagga, Enterprise Linux | 2025-04-20 | N/A |
| It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSIZ to be compatible with a message size; however, BUFSIZ is system-dependent. | ||||
| CVE-2014-9979 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a variable is uninitialized in a TrustZone system call potentially leading to the compromise of secure memory. | ||||