Total
7935 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-11078 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the boot image header, an out of bounds read can occur in boot. | ||||
| CVE-2017-1000456 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2024-11-21 | N/A |
| freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations. | ||||
| CVE-2016-9953 | 2 Haxx, Microsoft | 2 Curl, Windows Embedded Compact | 2024-11-21 | N/A |
| The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read. | ||||
| CVE-2016-9598 | 2 Redhat, Xmlsoft | 2 Jboss Core Services, Libxml2 | 2024-11-21 | 6.5 Medium |
| libxml2, as used in Red Hat JBoss Core Services, allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted XML document. NOTE: this vulnerability exists because of a missing fix for CVE-2016-4483. | ||||
| CVE-2016-9583 | 3 Jasper Project, Oracle, Redhat | 9 Jasper, Outside In Technology, Enterprise Linux and 6 more | 2024-11-21 | N/A |
| An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input. | ||||
| CVE-2016-9573 | 3 Debian, Redhat, Uclouvain | 8 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2024-11-21 | N/A |
| An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap. | ||||
| CVE-2016-9570 | 1 Carbonblack | 1 Carbon Black | 2024-11-21 | N/A |
| cb.exe in Carbon Black 5.1.1.60603 allows attackers to cause a denial of service (out-of-bounds read, invalid pointer dereference, and application crash) by leveraging access to the NetMon named pipe. | ||||
| CVE-2016-9569 | 1 Carbonblack | 1 Carbon Black | 2024-11-21 | N/A |
| The cbstream.sys driver in Carbon Black 5.1.1.60603 allows local users with admin privileges to cause a denial of service (out-of-bounds read and system crash) via a large counter value in an 0x62430028 IOCTL call. | ||||
| CVE-2016-8621 | 2 Haxx, Redhat | 3 Curl, Jboss Core Services, Rhel Software Collections | 2024-11-21 | N/A |
| The `curl_getdate` function in curl before version 7.51.0 is vulnerable to an out of bounds read if it receives an input with one digit short. | ||||
| CVE-2016-8620 | 2 Haxx, Redhat | 2 Curl, Rhel Software Collections | 2024-11-21 | N/A |
| The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input. | ||||
| CVE-2016-7524 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | 6.5 Medium |
| coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | ||||
| CVE-2016-7523 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | 6.5 Medium |
| coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | ||||
| CVE-2016-7151 | 1 Capstone-engine | 1 Capstone | 2024-11-21 | N/A |
| Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a read memory access) in X86_insn_reg_intel in arch/X86/X86Mapping.c. | ||||
| CVE-2016-10749 | 1 Cjson Project | 1 Cjson | 2024-11-21 | 9.8 Critical |
| parse_string in cJSON.c in cJSON before 2016-10-02 has a buffer over-read, as demonstrated by a string that begins with a " character and ends with a \ character. | ||||
| CVE-2016-10713 | 2 Gnu, Redhat | 2 Patch, Enterprise Linux | 2024-11-21 | N/A |
| An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file. | ||||
| CVE-2016-10403 | 1 Google | 1 Chrome | 2024-11-21 | N/A |
| Insufficient data validation on image data in PDFium in Google Chrome prior to 51.0.2704.63 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. | ||||
| CVE-2015-9383 | 3 Canonical, Debian, Freetype | 3 Ubuntu Linux, Debian Linux, Freetype | 2024-11-21 | 6.5 Medium |
| FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c. | ||||
| CVE-2015-9382 | 3 Debian, Freetype, Redhat | 3 Debian Linux, Freetype, Enterprise Linux | 2024-11-21 | N/A |
| FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation. | ||||
| CVE-2015-9381 | 3 Debian, Freetype, Redhat | 3 Debian Linux, Freetype, Enterprise Linux | 2024-11-21 | N/A |
| FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c. | ||||
| CVE-2015-9290 | 1 Freetype | 1 Freetype | 2024-11-21 | N/A |
| In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again. | ||||