Export limit exceeded: 363020 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363020 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (23156 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-1923 1 Uclouvain 1 Openjpeg 2025-04-12 N/A
Heap-based buffer overflow in the opj_j2k_update_image_data function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
CVE-2016-1924 1 Uclouvain 1 Openjpeg 2025-04-12 N/A
The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
CVE-2016-1982 1 Privoxy 1 Privoxy 2025-04-12 N/A
The remove_chunked_transfer_coding function in filters.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via crafted chunk-encoded content.
CVE-2016-1983 1 Privoxy 1 Privoxy 2025-04-12 N/A
The client_host function in parsers.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via an empty HTTP Host header.
CVE-2016-2383 3 Canonical, Linux, Opensuse 3 Ubuntu Linux, Linux Kernel, Leap 2025-04-12 5.5 Medium
The adjust_branches function in kernel/bpf/verifier.c in the Linux kernel before 4.5 does not consider the delta in the backward-jump case, which allows local users to obtain sensitive information from kernel memory by creating a packet filter and then loading crafted BPF instructions.
CVE-2016-3142 3 Apple, Php, Redhat 3 Mac Os X, Php, Rhel Software Collections 2025-04-12 N/A
The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) by placing a PK\x05\x06 signature at an invalid location.
CVE-2016-2554 2 Php, Redhat 2 Php, Rhel Software Collections 2025-04-12 N/A
Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TAR archive.
CVE-2016-1526 5 Debian, Fedoraproject, Mozilla and 2 more 6 Debian Linux, Fedora, Firefox and 3 more 2025-04-12 N/A
The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.
CVE-2016-1541 2 Libarchive, Redhat 2 Libarchive, Enterprise Linux 2025-04-12 N/A
Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive.
CVE-2015-3416 6 Apple, Canonical, Debian and 3 more 7 Mac Os X, Watchos, Ubuntu Linux and 4 more 2025-04-12 N/A
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.
CVE-2015-2697 6 Canonical, Debian, Mit and 3 more 9 Ubuntu Linux, Debian Linux, Kerberos 5 and 6 more 2025-04-12 N/A
The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request.
CVE-2015-2717 2 Mozilla, Opensuse 2 Firefox, Opensuse 2025-04-12 N/A
Integer overflow in libstagefright in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and out-of-bounds read) via an MP4 video file containing invalid metadata.
CVE-2015-1472 3 Canonical, Gnu, Redhat 4 Ubuntu Linux, Glibc, Enterprise Linux and 1 more 2025-04-12 N/A
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call.
CVE-2015-4001 1 Linux 1 Linux Kernel 2025-04-12 7.5 High
Integer signedness error in the oz_hcd_get_desc_cnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted packet.
CVE-2015-4144 2 Opensuse, W1.fi 3 Opensuse, Hostapd, Wpa Supplicant 2025-04-12 N/A
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attackers to cause a denial of service (crash) via a crafted message.
CVE-2015-3258 4 Canonical, Debian, Linuxfoundation and 1 more 4 Ubuntu Linux, Debian Linux, Cups-filters and 1 more 2025-04-12 N/A
Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a small line size in a print job.
CVE-2015-4819 6 Canonical, Debian, Fedoraproject and 3 more 16 Ubuntu Linux, Debian Linux, Fedora and 13 more 2025-04-12 N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs.
CVE-2015-3717 2 Apple, Sqlite 3 Iphone Os, Mac Os X, Sqlite 2025-04-12 N/A
Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
CVE-2015-4507 1 Mozilla 1 Firefox 2025-04-12 N/A
The SavedStacks class in the JavaScript implementation in Mozilla Firefox before 41.0, when the Debugger API is enabled, allows remote attackers to cause a denial of service (getSlotRef assertion failure and application exit) or possibly execute arbitrary code via a crafted web site.
CVE-2015-4508 1 Mozilla 1 Firefox 2025-04-12 N/A
Mozilla Firefox before 41.0, when reader mode is enabled, allows remote attackers to spoof the relationship between address-bar URLs and web content via a crafted web site.