Total
2510 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-2591 | 2 Fedoraproject, Redhat | 2 389 Directory Server, Enterprise Linux | 2024-11-21 | N/A |
| 389-ds-base before version 1.3.6 is vulnerable to an improperly NULL terminated array in the uniqueness_entry_to_config() function in the "attribute uniqueness" plugin of 389 Directory Server. An authenticated, or possibly unauthenticated, attacker could use this flaw to force an out-of-bound heap memory read, possibly triggering a crash of the LDAP service. | ||||
| CVE-2017-18926 | 4 Debian, Fedoraproject, Librdf and 1 more | 4 Debian Linux, Fedora, Raptor Rdf Syntax Library and 1 more | 2024-11-21 | 7.1 High |
| raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml). | ||||
| CVE-2017-18922 | 6 Canonical, Fedoraproject, Libvncserver Project and 3 more | 19 Ubuntu Linux, Fedora, Libvncserver and 16 more | 2024-11-21 | 9.8 Critical |
| It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow. | ||||
| CVE-2017-18640 | 5 Fedoraproject, Oracle, Quarkus and 2 more | 8 Fedora, Peoplesoft Enterprise Pt Peopletools, Quarkus and 5 more | 2024-11-21 | 7.5 High |
| The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564. | ||||
| CVE-2017-16909 | 2 Canonical, Libraw | 2 Ubuntu Linux, Libraw | 2024-11-21 | N/A |
| An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image. | ||||
| CVE-2017-16737 | 1 We-con | 2 Levistudio Hmi Editor, Levistudio Hmi Editor Firmware | 2024-11-21 | N/A |
| An issue was discovered in WECON Technology LEVI Studio HMI Editor v1.8.29 and prior. A specially-crafted malicious file may be able to cause a heap-based buffer overflow vulnerability when opened by a user. | ||||
| CVE-2017-1000418 | 1 Mindwerks | 1 Wildmidi | 2024-11-21 | N/A |
| The WildMidi_Open function in WildMIDI since commit d8a466829c67cacbb1700beded25c448d99514e5 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. | ||||
| CVE-2016-9603 | 4 Citrix, Debian, Qemu and 1 more | 10 Xenserver, Debian Linux, Qemu and 7 more | 2024-11-21 | N/A |
| A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process. | ||||
| CVE-2016-9601 | 2 Artifex, Debian | 3 Gpl Ghostscript, Jbig2dec, Debian Linux | 2024-11-21 | N/A |
| ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, jbig2 image could trigger a segmentation fault in ghostscript. | ||||
| CVE-2016-9586 | 2 Haxx, Redhat | 2 Curl, Rhel Software Collections | 2024-11-21 | N/A |
| curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks. | ||||
| CVE-2016-9581 | 1 Uclouvain | 1 Openjpeg | 2024-11-21 | N/A |
| An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2. | ||||
| CVE-2016-9580 | 1 Uclouvain | 1 Openjpeg | 2024-11-21 | N/A |
| An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow. | ||||
| CVE-2016-9577 | 3 Debian, Redhat, Spice Project | 8 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2024-11-21 | N/A |
| A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution. | ||||
| CVE-2016-8654 | 3 Debian, Jasper Project, Redhat | 8 Debian Linux, Jasper, Enterprise Linux and 5 more | 2024-11-21 | N/A |
| A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected. | ||||
| CVE-2016-8622 | 2 Haxx, Redhat | 3 Libcurl, Jboss Core Services, Rhel Software Collections | 2024-11-21 | N/A |
| The URL percent-encoding decode function in libcurl before 7.51.0 is called `curl_easy_unescape`. Internally, even if this function would be made to allocate a unscape destination buffer larger than 2GB, it would return that new length in a signed 32 bit integer variable, thus the length would get either just truncated or both truncated and turned negative. That could then lead to libcurl writing outside of its heap based buffer. | ||||
| CVE-2016-7524 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | 6.5 Medium |
| coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | ||||
| CVE-2016-7523 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | 6.5 Medium |
| coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | ||||
| CVE-2016-2123 | 1 Samba | 1 Samba | 2024-11-21 | 8.8 High |
| A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndr_pull_dnsp_name contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndr_pull_dnsp_name parses data from the Samba Active Directory ldb database. Any user who can write to the dnsRecord attribute over LDAP can trigger this memory corruption. By default, all authenticated LDAP users can write to the dnsRecord attribute on new DNS objects. This makes the defect a remote privilege escalation. | ||||
| CVE-2015-9262 | 4 Canonical, Debian, Redhat and 1 more | 8 Ubuntu Linux, Debian Linux, Ansible Tower and 5 more | 2024-11-21 | N/A |
| _XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow. | ||||
| CVE-2015-6457 | 1 Moxa | 1 Softcms | 2024-11-21 | N/A |
| Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution. Moxa released SoftCMS version 1.4 on June 1, 2015, to address the vulnerability. | ||||