Search Results (8702 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-4652 1 Apple 1 Mac Os X 2025-04-12 N/A
CoreGraphics in Apple OS X before 10.11.6 allows local users to obtain sensitive information from kernel memory and consequently gain privileges, or cause a denial of service (out-of-bounds read), via unspecified vectors.
CVE-2014-9653 4 Debian, File Project, Php and 1 more 4 Debian Linux, File, Php and 1 more 2025-04-12 N/A
readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file.
CVE-2016-2091 1 Libdwarf Project 1 Libdwarf 2025-04-12 3.3 Low
The dwarf_read_cie_fde_prefix function in dwarf_frame2.c in libdwarf 20151114 allows attackers to cause a denial of service (out-of-bounds read) via a crafted ELF object file.
CVE-2015-2059 3 Fedoraproject, Gnu, Opensuse 3 Fedora, Libidn, Opensuse 2025-04-12 N/A
The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read.
CVE-2015-8919 4 Canonical, Libarchive, Novell and 1 more 6 Ubuntu Linux, Libarchive, Suse Linux Enterprise Desktop and 3 more 2025-04-12 N/A
The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file.
CVE-2016-1983 1 Privoxy 1 Privoxy 2025-04-12 N/A
The client_host function in parsers.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via an empty HTTP Host header.
CVE-2015-8921 4 Canonical, Libarchive, Novell and 1 more 6 Ubuntu Linux, Libarchive, Suse Linux Enterprise Desktop and 3 more 2025-04-12 N/A
The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.
CVE-2015-0826 3 Canonical, Mozilla, Opensuse 3 Ubuntu Linux, Firefox, Opensuse 2025-04-12 N/A
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) via a crafted Cascading Style Sheets (CSS) token sequence that triggers a restyle or reflow operation.
CVE-2014-3145 5 Canonical, Debian, Linux and 2 more 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more 2025-04-12 N/A
The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced.
CVE-2016-7265 1 Microsoft 4 Excel, Excel Viewer, Office Compatibility Pack and 1 more 2025-04-12 N/A
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability."
CVE-2014-7185 3 Apple, Python, Redhat 4 Mac Os X, Python, Enterprise Linux and 1 more 2025-04-12 N/A
Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.
CVE-2015-1246 3 Debian, Google, Redhat 3 Debian Linux, Chrome, Rhel Extras 2025-04-12 N/A
Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2015-1859 3 Digia, Fedoraproject, Qt 3 Qt, Fedora, Qt 2025-04-12 N/A
Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.
CVE-2016-6263 1 Gnu 1 Libidn 2025-04-12 N/A
The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data.
CVE-2016-9797 1 Bluez 1 Bluez 2025-04-12 N/A
In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
CVE-2016-9918 1 Bluez Project 1 Bluez 2025-04-12 N/A
In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
CVE-2015-8924 4 Canonical, Libarchive, Novell and 1 more 6 Ubuntu Linux, Libarchive, Suse Linux Enterprise Desktop and 3 more 2025-04-12 N/A
The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tar file.
CVE-2015-8925 4 Canonical, Libarchive, Redhat and 1 more 6 Ubuntu Linux, Libarchive, Enterprise Linux and 3 more 2025-04-12 N/A
The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing.
CVE-2016-2291 1 Schneider-electric 4 Proface Gp-pro Ex Ex-ed, Proface Gp-pro Ex Pfxexedls, Proface Gp-pro Ex Pfxexedv and 1 more 2025-04-12 6.5 Medium
Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allow remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2015-4840 2 Oracle, Redhat 6 Jdk, Jre, Enterprise Linux and 3 more 2025-04-12 N/A
Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D.