Total
11483 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-9025 | 1 Google | 1 Android | 2017-07-07 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE application. | |||||
| CVE-2016-10342 | 1 Google | 1 Android | 2017-07-07 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler. | |||||
| CVE-2017-10725 | 1 Winamp | 1 Winamp | 2017-07-07 | 4.4 MEDIUM | 7.3 HIGH |
| Winamp 5.666 Build 3516(x86) allows attackers to execute arbitrary code or cause a denial of service via a crafted .flv file, related to "Data from Faulting Address controls Code Flow starting at in_flv!winampGetInModule2+0x00000000000009a8." | |||||
| CVE-2017-10706 | 1 Antiy | 1 Antivirus Engine | 2017-07-07 | 2.1 LOW | 6.2 MEDIUM |
| When Antiy Antivirus Engine before 5.0.0.05171547 scans a special ZIP archive, it crashes with a stack-based buffer overflow because a fixed path length is used. | |||||
| CVE-2017-8893 | 1 Aeroadmin | 1 Aeroadmin | 2017-07-07 | 5.0 MEDIUM | 7.5 HIGH |
| AeroAdmin 4.1 uses a function to copy data between two pointers where the size of the data copied is taken directly from a network packet. This can cause a buffer overflow and denial of service. | |||||
| CVE-2017-1310 | 1 Ibm | 1 Informix Dynamic Server | 2017-07-06 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Informix Dynamic Server 12.1 could allow an authenticated user to cause a buffer overflow that would write large assertion fail files to the server. Done enough times, this could use large parts of the file system and cause the server to crash. IBM X-Force ID: 125569. | |||||
| CVE-2017-1105 | 3 Ibm, Linux, Microsoft | 8 Data Server Client, Data Server Driver For Odbc And Cli, Data Server Driver Package and 5 more | 2017-07-06 | 3.6 LOW | 7.1 HIGH |
| IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a buffer overflow that could allow a local user to overwrite DB2 files or cause a denial of service. IBM X-Force ID: 120668. | |||||
| CVE-2017-1000377 | 1 Linux | 1 Linux Kernel | 2017-07-05 | 4.6 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in the size of the default stack guard page on PAX Linux (originally from GRSecurity but shipped by other Linux vendors), specifically the default stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects PAX Linux Kernel versions as of June 19, 2017 (specific version information is not available at this time). | |||||
| CVE-2017-9763 | 1 Radare | 1 Radare2 | 2017-07-05 | 5.0 MEDIUM | 7.5 HIGH |
| The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013-11-12, as used in shlr/grub/fs/ext2.c in radare2 1.5.0, allows remote attackers to cause a denial of service (excessive stack use and application crash) via a crafted binary file, related to use of a variable-size stack array. | |||||
| CVE-2017-9990 | 1 Ffmpeg | 1 Ffmpeg | 2017-07-05 | 6.8 MEDIUM | 8.8 HIGH |
| Stack-based buffer overflow in the color_string_to_rgba function in libavcodec/xpmdec.c in FFmpeg 3.3 before 3.3.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | |||||
| CVE-2017-9948 | 1 Microsoft | 1 Skype | 2017-07-05 | 6.5 MEDIUM | 8.8 HIGH |
| A stack buffer overflow vulnerability has been discovered in Microsoft Skype 7.2, 7.35, and 7.36 before 7.37, involving MSFTEDIT.DLL mishandling of remote RDP clipboard content within the message box. | |||||
| CVE-2017-9996 | 1 Ffmpeg | 1 Ffmpeg | 2017-07-05 | 6.8 MEDIUM | 7.8 HIGH |
| The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not exclude the CHUNKY format, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. | |||||
| CVE-2017-9991 | 1 Ffmpeg | 1 Ffmpeg | 2017-07-05 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based buffer overflow in the xwd_decode_frame function in libavcodec/xwddec.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | |||||
| CVE-2017-9995 | 1 Ffmpeg | 1 Ffmpeg | 2017-07-03 | 6.8 MEDIUM | 7.8 HIGH |
| libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly validate height and width data, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. | |||||
| CVE-2017-10671 | 1 Sthttpd Project | 1 Sthttpd | 2017-07-03 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in the de_dotdot function in libhttpd.c in sthttpd before 2.27.1 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a crafted filename. | |||||
| CVE-2016-6525 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2017-06-30 | 7.5 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array. | |||||
| CVE-2016-9425 | 1 W3m Project | 1 W3m | 2017-06-30 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page. | |||||
| CVE-2016-9298 | 1 Imagemagick | 1 Imagemagick | 2017-06-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted image. | |||||
| CVE-2016-9442 | 1 W3m Project | 1 W3m | 2017-06-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause memory corruption in certain conditions via a crafted HTML page. | |||||
| CVE-2016-9429 | 1 W3m Project | 1 W3m | 2017-06-30 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Buffer overflow in the formUpdateBuffer function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page. | |||||