Total
11483 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-8088 | 1 Huawei | 4 Mate 7, Mate 7 Firmware, P8 and 1 more | 2016-11-28 | 9.3 HIGH | 7.8 HIGH |
| Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 and P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, and GRA-UL10 before GRA-UL10C00B220 allows attackers to cause a denial of service (reboot) or execute arbitrary code via a crafted application. | |||||
| CVE-2015-7937 | 1 Schneider-electric | 13 Bmxnoc0401, Bmxnoe0100, Bmxnoe0100h and 10 more | 2016-11-28 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data. | |||||
| CVE-2015-5380 | 3 Google, Iojs, Nodejs | 3 V8, Io.js, Node.js | 2016-11-28 | 7.5 HIGH | N/A |
| The Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in Google V8, as used in Node.js before 0.12.6, io.js before 1.8.3 and 2.x before 2.3.3, and other products, does not verify that there is memory available for a UTF-16 surrogate pair, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted byte sequence. | |||||
| CVE-2015-2092 | 1 Agilent Technologies | 1 Feature Extraction | 2016-11-28 | 7.5 HIGH | N/A |
| The AnnotationX.AnnList.1 ActiveX control in Agilent Technologies Feature Extraction allows remote attackers to execute arbitrary code via a crafted object parameter in the Insert function, related to "Index Out-Of-Bounds." | |||||
| CVE-2015-1473 | 2 Canonical, Gnu | 2 Ubuntu Linux, Glibc | 2016-11-28 | 6.4 MEDIUM | N/A |
| The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service (segmentation violation) or overwrite memory locations beyond the stack boundary via a long line containing wide characters that are improperly handled in a wscanf call. | |||||
| CVE-2015-1000 | 1 Moxa | 1 Softcms | 2016-11-28 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the OpenForIPCamTest method in the RTSPVIDEO.rtspvideoCtrl.1 (aka SStreamVideo) ActiveX control in Moxa SoftCMS before 1.3 allows remote attackers to execute arbitrary code via the StrRtspPath parameter. | |||||
| CVE-2014-9882 | 1 Google | 1 Android | 2016-11-28 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow in drivers/media/radio/radio-iris.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28769546 and Qualcomm internal bug CR552329. | |||||
| CVE-2014-9902 | 1 Google | 1 Android | 2016-11-28 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow in CORE/SYS/legacy/src/utils/src/dot11f.c in the Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013) devices allows remote attackers to execute arbitrary code via a crafted Information Element (IE) in an 802.11 management frame, aka Android internal bug 28668638 and Qualcomm internal bugs CR553937 and CR553941. | |||||
| CVE-2014-9874 | 1 Google | 1 Android | 2016-11-28 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 5X, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, related to arch/arm/mach-msm/qdsp6v2/audio_utils.c and sound/soc/msm/qdsp6v2/q6asm.c, aka Android internal bug 28751152 and Qualcomm internal bug CR563086. | |||||
| CVE-2014-9871 | 1 Google | 1 Android | 2016-11-28 | 9.3 HIGH | 7.8 HIGH |
| Multiple buffer overflows in drivers/media/platform/msm/camera_v2/isp/msm_isp_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28749803 and Qualcomm internal bug CR514717. | |||||
| CVE-2014-9781 | 1 Google | 1 Android | 2016-11-28 | 9.3 HIGH | 7.8 HIGH |
| Buffer overflow in drivers/video/fbcmap.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28410333 and Qualcomm internal bug CR556471. | |||||
| CVE-2014-9778 | 1 Google | 1 Android | 2016-11-28 | 9.3 HIGH | 7.8 HIGH |
| The vid_dec_set_h264_mv_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the number of buffers, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28598515 and Qualcomm internal bug CR563694. | |||||
| CVE-2014-9777 | 1 Google | 1 Android | 2016-11-28 | 9.3 HIGH | 7.8 HIGH |
| The vid_dec_set_meta_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the number of buffers, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28598501 and Qualcomm internal bug CR563654. | |||||
| CVE-2014-9786 | 1 Google | 1 Android | 2016-11-28 | 9.3 HIGH | 7.8 HIGH |
| Heap-based buffer overflow in drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28557260 and Qualcomm internal bug CR545979. | |||||
| CVE-2014-9788 | 1 Google | 1 Android | 2016-11-28 | 9.3 HIGH | 7.8 HIGH |
| Multiple buffer overflows in the voice drivers in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28573112 and Qualcomm internal bug CR548872. | |||||
| CVE-2014-9784 | 1 Google | 1 Android | 2016-11-28 | 9.3 HIGH | 7.8 HIGH |
| Multiple buffer overflows in drivers/char/diag/diag_debugfs.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28442449 and Qualcomm internal bug CR585147. | |||||
| CVE-2014-3478 | 2 Christos Zoulas, Php | 2 File, Php | 2016-11-28 | 5.0 MEDIUM | N/A |
| Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion. | |||||
| CVE-2014-3198 | 2 Google, Redhat | 5 Chrome, Enterprise Linux Desktop Supplementary, Enterprise Linux Server Supplementary and 2 more | 2016-11-28 | 5.0 MEDIUM | N/A |
| The Instance::HandleInputEvent function in pdf/instance.cc in the PDFium component in Google Chrome before 38.0.2125.101 interprets a certain -1 value as an index instead of a no-visible-page error code, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2013-7443 | 2 Canonical, Sqlite | 2 Ubuntu Linux, Sqlite | 2016-11-28 | 5.0 MEDIUM | N/A |
| Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements. | |||||
| CVE-2012-3570 | 1 Isc | 1 Dhcp | 2016-11-28 | 5.7 MEDIUM | N/A |
| Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifier parameter. | |||||