Export limit exceeded: 23180 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (23180 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-7974 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.
CVE-2017-7184 3 Canonical, Linux, Redhat 8 Ubuntu Linux, Linux Kernel, Enterprise Linux and 5 more 2025-04-20 7.8 High
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.
CVE-2014-9835 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file.
CVE-2014-9834 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file.
CVE-2016-7940 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions.
CVE-2016-7934 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print().
CVE-2014-9833 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file.
CVE-2017-0898 2 Redhat, Ruby-lang 3 Enterprise Linux, Rhel Software Collections, Ruby 2025-04-20 N/A
Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information disclosure from the heap.
CVE-2017-8105 2 Debian, Freetype 2 Debian Linux, Freetype 2025-04-20 N/A
FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.
CVE-2017-8365 2 Debian, Libsndfile Project 2 Debian Linux, Libsndfile 2025-04-20 N/A
The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.
CVE-2016-7925 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print().
CVE-2014-9832 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file.
CVE-2016-7923 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print().
CVE-2014-9829 1 Imagemagick 1 Imagemagick 2025-04-20 6.5 Medium
coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file.
CVE-2016-5010 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file.
CVE-2014-9825 1 Imagemagick 1 Imagemagick 2025-04-20 7.8 High
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824.
CVE-2014-9824 1 Imagemagick 1 Imagemagick 2025-04-20 7.8 High
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825.
CVE-2014-9823 1 Imagemagick 1 Imagemagick 2025-04-20 7.8 High
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819.
CVE-2017-3195 1 Commvault 1 Edge 2025-04-20 9.8 Critical
Commvault Edge Communication Service (cvd) prior to version 11 SP7 or version 11 SP6 with hotfix 590 is prone to a stack-based buffer overflow vulnerability that could lead to arbitrary code execution with administrative privileges.
CVE-2017-9117 2 Canonical, Libtiff 2 Ubuntu Linux, Libtiff 2025-04-20 4 Medium
In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the activation point is in the bmp2tiff.c file (which was removed before the 4.0.7 release).