Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-35895 | 1 Stack Project | 1 Stack | 2022-12-14 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in the stack crate before 0.3.1 for Rust. ArrayVec has an out-of-bounds write via element insertion. | |||||
| CVE-2017-14446 | 1 Insteon | 2 Hub, Hub Firmware | 2022-12-14 | 8.0 HIGH | 9.9 CRITICAL |
| An exploitable stack-based buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation unsafely extracts parameters from the query string, leading to a buffer overflow on the stack. An attacker can send an HTTP GET request to trigger this vulnerability. | |||||
| CVE-2017-12122 | 2 Debian, Libsdl | 2 Debian Linux, Sdl Image | 2022-12-14 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | |||||
| CVE-2016-9054 | 1 Aerospike | 1 Database Server | 2022-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function as_sindex__simatch_list_by_set_binid resulting in remote code execution. An attacker can simply connect to the port to trigger this vulnerability. | |||||
| CVE-2016-9043 | 1 Corel | 1 Coreldraw | 2022-12-14 | 6.8 MEDIUM | 7.8 HIGH |
| An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). A specially crafted EMF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a specific EMF file to trigger this vulnerability. | |||||
| CVE-2016-8713 | 1 Gonitro | 1 Nitro Pdf Pro | 2022-12-13 | 6.8 MEDIUM | 7.8 HIGH |
| A remote out of bound write / memory corruption vulnerability exists in the PDF parsing functionality of Nitro Pro 10.5.9.9. A specially crafted PDF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific PDF file to trigger this vulnerability. | |||||
| CVE-2016-8710 | 1 Libbpg Project | 1 Libbpg | 2022-12-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be triggered via attempting to decode a crafted BPG image using Libbpg. | |||||
| CVE-2016-8709 | 1 Gonitro | 1 Nitro Pdf Pro | 2022-12-13 | 6.8 MEDIUM | 7.8 HIGH |
| A remote out of bound write / memory corruption vulnerability exists in the PDF parsing functionality of Nitro Pro 10. A specially crafted PDF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific PDF file to trigger this vulnerability. | |||||
| CVE-2016-8707 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2022-12-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality. | |||||
| CVE-2016-8390 | 1 Cryptic-apps | 1 Hopper Disassembler | 2022-12-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable out of bounds write vulnerability exists in the parsing of ELF Section Headers of Hopper Disassembler 3.11.20. A specially crafted ELF file can cause attacker controlled pointer arithmetic resulting in a partially controlled out of bounds write. An attacker can craft an ELF file with specific section headers to trigger this vulnerability. | |||||
| CVE-2010-4604 | 2 Ibm, Linux | 2 Tivoli Storage Manager, Linux Kernel | 2022-12-13 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the GeneratePassword function in dsmtca (aka the Trusted Communications Agent or TCA) in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.2.10, and 6.1.x before 6.1.3.1 on Unix and Linux allows local users to gain privileges by specifying a long LANG environment variable, and then sending a request over a pipe. | |||||
| CVE-2016-8386 | 1 Iceni | 1 Argus | 2022-12-13 | 9.3 HIGH | 7.8 HIGH |
| An exploitable heap-based buffer overflow exists in Iceni Argus. When it attempts to convert a PDF containing a malformed font to XML, the tool will attempt to use a size out of the font to search through a linked list of buffers to return. Due to a signedness issue, a buffer smaller than the requested size will be returned. Later when the tool tries to populate this buffer, the overflow will occur which can lead to code execution under the context of the user running the tool. | |||||
| CVE-2016-8387 | 1 Iceni | 1 Argus | 2022-12-13 | 9.3 HIGH | 7.8 HIGH |
| An exploitable heap-based buffer overflow exists in Iceni Argus. When it attempts to convert a malformed PDF with an object encoded w/ multiple encoding types terminating with an LZW encoded type, an overflow may occur due to a lack of bounds checking by the LZW decoder. This can lead to code execution under the context of the account of the user running it. | |||||
| CVE-2016-8385 | 1 Iceni | 1 Argus | 2022-12-13 | 9.3 HIGH | 7.8 HIGH |
| An exploitable uninitialized variable vulnerability which leads to a stack-based buffer overflow exists in Iceni Argus. When it attempts to convert a malformed PDF to XML a stack variable will be left uninitialized which will later be used to fetch a length that is used in a copy operation. In most cases this will allow an aggressor to write outside the bounds of a stack buffer which is used to contain colors. This can lead to code execution under the context of the account running the tool. | |||||
| CVE-2016-9051 | 1 Aerospike | 1 Database Server | 2022-12-13 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution. An attacker can simply connect to the port to trigger this vulnerability. | |||||
| CVE-2016-9052 | 1 Aerospike | 1 Database Server | 2022-12-13 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function as_sindex__simatch_by_iname resulting in remote code execution. An attacker can simply connect to the port to trigger this vulnerability. | |||||
| CVE-2016-8730 | 1 Corel | 1 Coreldraw Photo Paint X8 | 2022-12-13 | 6.8 MEDIUM | 7.8 HIGH |
| An of bound write / memory corruption vulnerability exists in the GIF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted GIF file can cause a vulnerability resulting in potential memory corruption resulting in code execution. An attacker can send the victim a specific GIF file to trigger this vulnerability. | |||||
| CVE-2016-8728 | 1 Artifex | 1 Mupdf | 2022-12-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs to open the specially crafted file in a vulnerable reader in order to trigger this vulnerability. | |||||
| CVE-2019-14274 | 2 Mcpp Project, Opensuse | 3 Mcpp, Backports Sle, Leap | 2022-12-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| MCPP 2.7.2 has a heap-based buffer overflow in the do_msg() function in support.c. | |||||
| CVE-2021-20298 | 2 Debian, Openexr | 2 Debian Linux, Openexr | 2022-12-13 | N/A | 7.5 HIGH |
| A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability. | |||||