Total
2942 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-2342 | 3 Debian, Quagga, Redhat | 3 Debian Linux, Quagga, Enterprise Linux | 2025-04-12 | N/A |
| The bgp_nlri_parse_vpnv4 function in bgp_mplsvpn.c in the VPNv4 NLRI parser in bgpd in Quagga before 1.0.20160309, when a certain VPNv4 configuration is used, relies on a Labeled-VPN SAFI routes-data length field during a data copy, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted packet. | ||||
| CVE-2016-7416 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2025-04-12 | N/A |
| ext/intl/msgformat/msgformat_format.c in PHP before 5.6.26 and 7.x before 7.0.11 does not properly restrict the locale length provided to the Locale class in the ICU library, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a MessageFormatter::formatMessage call with a long first argument. | ||||
| CVE-2016-7415 | 1 Icu-project | 1 International Components For Unicode | 2025-04-12 | N/A |
| Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string. | ||||
| CVE-2014-8884 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2025-04-12 | N/A |
| Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call. | ||||
| CVE-2015-5158 | 1 Qemu | 1 Qemu | 2025-04-12 | 5.5 Medium |
| Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAP_SYS_RAWIO permissions to cause a denial of service (instance crash) via an invalid opcode in a SCSI command descriptor block. | ||||
| CVE-2015-8723 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet. | ||||
| CVE-2014-2241 | 2 Canonical, Freetype | 2 Ubuntu Linux, Freetype | 2025-04-12 | N/A |
| The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf file. | ||||
| CVE-2016-3186 | 3 Libtiff, Opensuse, Redhat | 3 Libtiff, Opensuse, Enterprise Linux | 2025-04-12 | N/A |
| Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file. | ||||
| CVE-2015-8837 | 3 Debian, Fedoraproject, Fuseiso Project | 3 Debian Linux, Fedora, Fuseiso | 2025-04-12 | N/A |
| Stack-based buffer overflow in the isofs_real_readdir function in isofs.c in FuseISO 20070708 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long pathname in an ISO file. | ||||
| CVE-2016-7170 | 3 Debian, Opensuse, Qemu | 3 Debian Linux, Leap, Qemu | 2025-04-12 | 4.4 Medium |
| The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to cursor.mask[] and cursor.image[] array sizes when processing a DEFINE_CURSOR svga command. | ||||
| CVE-2015-8725 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet. | ||||
| CVE-2016-7042 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more | 2025-04-12 | N/A |
| The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file. | ||||
| CVE-2014-6055 | 4 Debian, Fedoraproject, Libvncserver and 1 more | 7 Debian Linux, Fedora, Libvncserver and 4 more | 2025-04-12 | N/A |
| Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a rfbFileTransferOffer message. | ||||
| CVE-2016-4463 | 3 Apache, Debian, Redhat | 4 Xerces-c\+\+, Debian Linux, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD. | ||||
| CVE-2014-2830 | 1 Debian | 1 Cifs-utils | 2025-04-12 | N/A |
| Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pam_cifscreds, allows remote attackers to have unspecified impact via unknown vectors. | ||||
| CVE-2016-2063 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 7.8 High |
| Stack-based buffer overflow in the supply_lm_input_write function in drivers/thermal/supply_lm_core.c in the MSM Thermal driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted application that sends a large amount of data through the debugfs interface. | ||||
| CVE-2016-4429 | 3 Canonical, Gnu, Opensuse | 4 Ubuntu Linux, Glibc, Leap and 1 more | 2025-04-12 | 5.9 Medium |
| Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets. | ||||
| CVE-2014-8503 | 4 Canonical, Fedoraproject, Gnu and 1 more | 4 Ubuntu Linux, Fedora, Binutils and 1 more | 2025-04-12 | N/A |
| Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted ihex file. | ||||
| CVE-2016-1234 | 3 Fedoraproject, Gnu, Opensuse | 4 Fedora, Glibc, Leap and 1 more | 2025-04-12 | N/A |
| Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name. | ||||
| CVE-2015-8019 | 1 Linux | 1 Linux Kernel | 2025-04-12 | N/A |
| The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel 3.14.54 and 3.18.22 does not accept a length argument, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write system call followed by a recvmsg system call. | ||||