Export limit exceeded: 46112 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (46112 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-2106 | 2 Openssl, Redhat | 13 Openssl, Enterprise Linux, Enterprise Linux Desktop and 10 more | 2025-04-12 | N/A |
| Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data. | ||||
| CVE-2016-2108 | 3 Google, Openssl, Redhat | 13 Android, Openssl, Enterprise Linux and 10 more | 2025-04-12 | N/A |
| The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue. | ||||
| CVE-2016-3134 | 3 Linux, Novell, Redhat | 12 Linux Kernel, Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Desktop and 9 more | 2025-04-12 | N/A |
| The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call. | ||||
| CVE-2016-3135 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2025-04-12 | 7.8 High |
| Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call. | ||||
| CVE-2016-3141 | 3 Apple, Php, Redhat | 3 Mac Os X, Php, Rhel Software Collections | 2025-04-12 | N/A |
| Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by triggering a wddx_deserialize call on XML data containing a crafted var element. | ||||
| CVE-2016-3142 | 3 Apple, Php, Redhat | 3 Mac Os X, Php, Rhel Software Collections | 2025-04-12 | N/A |
| The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) by placing a PK\x05\x06 signature at an invalid location. | ||||
| CVE-2016-3171 | 3 Debian, Drupal, Php | 3 Debian Linux, Drupal, Php | 2025-04-12 | N/A |
| Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data truncation. | ||||
| CVE-2016-3186 | 3 Libtiff, Opensuse, Redhat | 3 Libtiff, Opensuse, Enterprise Linux | 2025-04-12 | N/A |
| Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file. | ||||
| CVE-2016-3190 | 3 Cairographics, Opensuse, Redhat | 3 Cairo, Opensuse, Enterprise Linux | 2025-04-12 | N/A |
| The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a negative span length. | ||||
| CVE-2016-3191 | 2 Pcre, Redhat | 4 Pcre, Pcre2, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-3542. | ||||
| CVE-2016-3199 | 1 Microsoft | 1 Edge | 2025-04-12 | N/A |
| The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3214. | ||||
| CVE-2016-3202 | 1 Microsoft | 5 Chakra Javascript, Edge, Internet Explorer and 2 more | 2025-04-12 | N/A |
| The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | ||||
| CVE-2016-3204 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | N/A |
| The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | ||||
| CVE-2016-3246 | 1 Microsoft | 1 Edge | 2025-04-12 | N/A |
| Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability." | ||||
| CVE-2016-3205 | 1 Microsoft | 3 Internet Explorer, Jscript, Vbscript | 2025-04-12 | N/A |
| The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3206 and CVE-2016-3207. | ||||
| CVE-2016-3206 | 1 Microsoft | 3 Internet Explorer, Jscript, Vbscript | 2025-04-12 | N/A |
| The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3205 and CVE-2016-3207. | ||||
| CVE-2016-3207 | 1 Microsoft | 3 Internet Explorer, Jscript, Vbscript | 2025-04-12 | N/A |
| The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3205 and CVE-2016-3206. | ||||
| CVE-2016-3210 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | N/A |
| The Microsoft (1) JScript and (2) VBScript engines, as used in Internet Explorer 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | ||||
| CVE-2016-3211 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | N/A |
| Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0199 and CVE-2016-0200. | ||||
| CVE-2016-3214 | 1 Microsoft | 1 Edge | 2025-04-12 | N/A |
| The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3199. | ||||