Total
6546 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-6161 | 3 Debian, Libgd, Opensuse | 3 Debian Linux, Libgd, Leap | 2018-10-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image. | |||||
| CVE-2016-3658 | 1 Libtiff | 1 Libtiff | 2018-10-30 | 5.0 MEDIUM | 7.5 HIGH |
| The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving the ma variable. | |||||
| CVE-2016-8682 | 3 Debian, Graphicsmagick, Opensuse | 3 Debian Linux, Graphicsmagick, Opensuse | 2018-10-30 | 5.0 MEDIUM | 7.5 HIGH |
| The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header. | |||||
| CVE-2016-6214 | 3 Debian, Libgd, Opensuse | 3 Debian Linux, Libgd, Leap | 2018-10-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file. | |||||
| CVE-2017-5335 | 2 Gnu, Opensuse | 2 Gnutls, Leap | 2018-10-30 | 5.0 MEDIUM | 7.5 HIGH |
| The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate. | |||||
| CVE-2016-3631 | 1 Libtiff | 1 Libtiff | 2018-10-30 | 5.0 MEDIUM | 7.5 HIGH |
| The (1) cpStrips and (2) cpTiles functions in the thumbnail tool in LibTIFF 4.0.6 and earlier allow remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the bytecounts[] array variable. | |||||
| CVE-2014-9658 | 7 Canonical, Debian, Fedoraproject and 4 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2018-10-30 | 7.5 HIGH | N/A |
| The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font. | |||||
| CVE-2014-8483 | 4 Canonical, Debian, Opensuse and 1 more | 4 Ubuntu Linux, Debian Linux, Opensuse and 1 more | 2018-10-30 | 5.0 MEDIUM | N/A |
| The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string. | |||||
| CVE-2016-5316 | 3 Libtiff, Opensuse, Opensuse Project | 3 Libtiff, Opensuse, Leap | 2018-10-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool. | |||||
| CVE-2018-12826 | 6 Adobe, Apple, Google and 3 more | 10 Flash Player, Mac Os X, Chrome Os and 7 more | 2018-10-30 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-12827 | 6 Adobe, Apple, Google and 3 more | 10 Flash Player, Mac Os X, Chrome Os and 7 more | 2018-10-30 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-12824 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Flash Player Desktop Runtime, Mac Os X and 8 more | 2018-10-29 | 4.3 MEDIUM | 5.9 MEDIUM |
| Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-16438 | 1 Hdfgroup | 1 Hdf5 | 2018-10-26 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c. | |||||
| CVE-2018-1000668 | 1 Jsish | 1 Jsish | 2018-10-25 | 4.3 MEDIUM | 6.5 MEDIUM |
| jsish version 2.4.70 2.047 contains a CWE-125: Out-of-bounds Read vulnerability in function jsi_ObjArrayLookup (jsiObj.c:274) that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must execute crafted javascript code. This vulnerability appears to have been fixed in 2.4.71. | |||||
| CVE-2018-16430 | 2 Debian, Gnu | 2 Debian Linux, Libextractor | 2018-10-25 | 6.8 MEDIUM | 8.8 HIGH |
| GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c. | |||||
| CVE-2017-6418 | 1 Clamav | 1 Clamav | 2018-10-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message. | |||||
| CVE-2017-14316 | 1 Xen | 1 Xen | 2018-10-19 | 7.2 HIGH | 8.8 HIGH |
| A parameter verification issue was discovered in Xen through 4.9.x. The function `alloc_heap_pages` allows callers to specify the first NUMA node that should be used for allocations through the `memflags` parameter; the node is extracted using the `MEMF_get_node` macro. While the function checks to see if the special constant `NUMA_NO_NODE` is specified, it otherwise does not handle the case where `node >= MAX_NUMNODES`. This allows an out-of-bounds access to an internal array. | |||||
| CVE-2018-6970 | 1 Vmware | 2 Horizon Client, Horizon View | 2018-10-15 | 4.0 MEDIUM | 6.5 MEDIUM |
| VMware Horizon 6 (6.x.x before 6.2.7), Horizon 7 (7.x.x before 7.5.1), and Horizon Client (4.x.x and prior before 4.8.1) contain an out-of-bounds read vulnerability in the Message Framework library. Successfully exploiting this issue may allow a less-privileged user to leak information from a privileged process running on a system where Horizon Connection Server, Horizon Agent or Horizon Client are installed. Note: This issue doesn't apply to Horizon 6, 7 Agents installed on Linux systems or Horizon Clients installed on non-Windows systems. | |||||
| CVE-2016-7264 | 1 Microsoft | 4 Excel, Excel For Mac, Excel Viewer and 1 more | 2018-10-12 | 5.8 MEDIUM | 7.1 HIGH |
| Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability." | |||||
| CVE-2016-7265 | 1 Microsoft | 4 Excel, Excel Viewer, Office Compatibility Pack and 1 more | 2018-10-12 | 5.8 MEDIUM | 7.1 HIGH |
| Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability." | |||||