Total
7966 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-10699 | 1 Videolan | 1 Vlc Media Player | 2017-11-22 | 7.5 HIGH | 9.8 CRITICAL |
avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before 2017-06-29, allows out-of-bounds heap memory write due to calling memcpy() with a wrong size, leading to a denial of service (application crash) or possibly code execution. | |||||
CVE-2017-7856 | 1 Libreoffice | 1 Libreoffice | 2017-11-14 | 7.5 HIGH | 9.8 CRITICAL |
LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx. | |||||
CVE-2017-7882 | 1 Libreoffice | 1 Libreoffice | 2017-11-14 | 7.5 HIGH | 9.8 CRITICAL |
LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx. | |||||
CVE-2016-10327 | 1 Libreoffice | 1 Libreoffice | 2017-11-14 | 7.5 HIGH | 9.8 CRITICAL |
LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx. | |||||
CVE-2017-15303 | 1 Cpuid | 1 Cpu-z | 2017-11-07 | 4.3 MEDIUM | 7.8 HIGH |
In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results directly in elevation of privileges, because any program running on the local machine (while CPU-Z is running) can issue an ioctl 0x9C402430 call to the kernel-mode driver (e.g., cpuz141_x64.sys for version 1.41). | |||||
CVE-2016-4331 | 1 Hdfgroup | 1 Hdf5 | 2017-11-03 | 6.9 MEDIUM | 8.6 HIGH |
When decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution. | |||||
CVE-2016-3624 | 1 Libtiff | 1 Libtiff | 2017-11-03 | 5.0 MEDIUM | 7.5 HIGH |
The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) by setting the "-v" option to -1. | |||||
CVE-2017-6451 | 1 Ntp | 1 Ntp | 2017-10-23 | 4.6 MEDIUM | 7.8 HIGH |
The mx4200_send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write. | |||||
CVE-2017-11046 | 1 Google | 1 Android | 2017-10-19 | 4.6 MEDIUM | 7.8 HIGH |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when an audio driver ioctl handler is called, a kernel out-of-bounds write can potentially occur. | |||||
CVE-2017-14647 | 1 Bento4 | 1 Bento4 | 2017-10-03 | 6.8 MEDIUM | 8.8 HIGH |
A heap-based buffer overflow was discovered in AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution. | |||||
CVE-2017-14644 | 1 Bento4 | 1 Bento4 | 2017-09-28 | 6.8 MEDIUM | 8.8 HIGH |
A heap-based buffer overflow was discovered in the AP4_HdlrAtom class in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution. | |||||
CVE-2017-14412 | 1 Mp3gain | 1 Mp3gain | 2017-09-18 | 6.8 MEDIUM | 7.8 HIGH |
An invalid memory write was discovered in copy_mp in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes a denial of service (segmentation fault and application crash) or possibly unspecified other impact. | |||||
CVE-2017-14411 | 1 Mp3gain | 1 Mp3gain | 2017-09-18 | 6.8 MEDIUM | 7.8 HIGH |
A stack-based buffer overflow was discovered in copy_mp in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution. | |||||
CVE-2017-14409 | 1 Mp3gain | 1 Mp3gain | 2017-09-18 | 6.8 MEDIUM | 7.8 HIGH |
A buffer overflow was discovered in III_dequantize_sample in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution. | |||||
CVE-2017-12953 | 1 Libgig0 | 1 Libgig | 2017-09-05 | 4.3 MEDIUM | 6.5 MEDIUM |
The gig::Instrument::UpdateRegionKeyTable function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (invalid memory write and application crash) via a crafted gig file. | |||||
CVE-2016-1513 | 1 Apache | 1 Openoffice | 2017-08-31 | 6.8 MEDIUM | 7.8 HIGH |
The Impress tool in Apache OpenOffice 4.1.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read or write) or execute arbitrary code via crafted MetaActions in an (1) ODP or (2) OTP file. | |||||
CVE-2016-7392 | 1 Autotrace Project | 1 Autotrace | 2017-08-27 | 4.3 MEDIUM | 5.5 MEDIUM |
Heap-based buffer overflow in the pstoedit_suffix_table_init function in output-pstoedit.c in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted bmp image file. | |||||
CVE-2017-8272 | 1 Google | 1 Android | 2017-08-22 | 6.8 MEDIUM | 7.8 HIGH |
In all Qualcomm products with Android releases from CAF using the Linux kernel, in a driver function, a value from userspace is not properly validated potentially leading to an out of bounds heap write. | |||||
CVE-2017-12955 | 1 Exiv2 | 1 Exiv2 | 2017-08-22 | 6.8 MEDIUM | 8.8 HIGH |
There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. The vulnerability causes an out-of-bounds write in Exiv2::Image::printIFDStructure(), which may lead to remote denial of service or possibly unspecified other impact. | |||||
CVE-2017-8271 | 1 Google | 1 Android | 2017-08-16 | 6.8 MEDIUM | 7.8 HIGH |
Out of bound memory write can happen in the MDSS Rotator driver in all Qualcomm products with Android releases from CAF using the Linux kernel by an unsanitized userspace-controlled parameter. |