Total
8230 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-5827 | 1 Libical Project | 1 Libical | 2025-04-20 | 7.5 High |
| The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function. | ||||
| CVE-2016-5825 | 1 Libical Project | 1 Libical | 2025-04-20 | N/A |
| The icalparser_parse_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted ics file. | ||||
| CVE-2017-6418 | 1 Clamav | 1 Clamav | 2025-04-20 | N/A |
| libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message. | ||||
| CVE-2017-9165 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | N/A |
| libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:17:11. | ||||
| CVE-2017-1000099 | 1 Haxx | 1 Libcurl | 2025-04-20 | N/A |
| When asking to get a file from a file:// URL, libcurl provides a feature that outputs meta-data about the file using HTTP-like headers. The code doing this would send the wrong buffer to the user (stdout or the application's provide callback), which could lead to other private data from the heap to get inadvertently displayed. The wrong buffer was an uninitialized memory area allocated on the heap and if it turned out to not contain any zero byte, it would continue and display the data following that buffer in memory. | ||||
| CVE-2016-5434 | 1 Pacman Project | 1 Pacman | 2025-04-20 | N/A |
| libalpm, as used in pacman 5.0.1, allows remote attackers to cause a denial of service (infinite loop or out-of-bounds read) via a crafted signature file. | ||||
| CVE-2017-9164 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | N/A |
| libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:16:11. | ||||
| CVE-2017-11569 | 1 Fontforge | 1 Fontforge | 2025-04-20 | N/A |
| FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights (parsettf.c) resulting in DoS or code execution via a crafted otf file. | ||||
| CVE-2017-9155 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | N/A |
| libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the input_pnm_reader function in input-pnm.c:243:3. | ||||
| CVE-2017-12993 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-04-20 | N/A |
| The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions. | ||||
| CVE-2016-5321 | 2 Libtiff, Opensuse | 2 Libtiff, Opensuse | 2025-04-20 | N/A |
| The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image. | ||||
| CVE-2017-12596 | 1 Openexr | 1 Openexr | 2025-04-20 | N/A |
| In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution; it may result in denial of service or possibly unspecified other impact. | ||||
| CVE-2016-5315 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2025-04-20 | N/A |
| The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. | ||||
| CVE-2017-11035 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, possible buffer overflow or information leak in the functions "sme_set_ft_ies" and "csr_roam_issue_ft_preauth_req" due to incorrect initialization of WEXT callbacks and lack of the checks for buffer size. | ||||
| CVE-2017-9154 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | N/A |
| libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the GET_COLOR function in color.c:16:11. | ||||
| CVE-2017-3731 | 3 Nodejs, Openssl, Redhat | 4 Node.js, Openssl, Enterprise Linux and 1 more | 2025-04-20 | 7.5 High |
| If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; users should upgrade to 1.1.0d. For Openssl 1.0.2, the crash can be triggered when using RC4-MD5; users who have not disabled that algorithm should update to 1.0.2k. | ||||
| CVE-2017-9128 | 1 Libquicktime | 1 Libquicktime | 2025-04-20 | N/A |
| The quicktime_video_width function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted mp4 file. | ||||
| CVE-2016-5040 | 1 Libdwarf Project | 1 Libdwarf | 2025-04-20 | 7.5 High |
| libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a large length value in a compilation unit header. | ||||
| CVE-2016-5036 | 1 Libdwarf Project | 1 Libdwarf | 2025-04-20 | 7.5 High |
| The dump_block function in print_sections.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted frame data. | ||||
| CVE-2016-5035 | 1 Libdwarf Project | 1 Libdwarf | 2025-04-20 | 6.5 Medium |
| The _dwarf_read_line_table_header function in dwarf_line_table_reader.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | ||||