Search Results (15974 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-10743 2 Microsoft, Xnview 2 Windows, Xnview 2025-04-20 N/A
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun (/GS Exception) starting at ntdll_77df0000!LdrpInitializeNode+0x000000000000015b."
CVE-2016-10207 3 Opensuse, Redhat, Tigervnc 3 Leap, Enterprise Linux, Tigervnc 2025-04-20 N/A
The Xvnc server in TigerVNC allows remote attackers to cause a denial of service (invalid memory access and crash) by terminating a TLS handshake early.
CVE-2016-10191 1 Ffmpeg 1 Ffmpeg 2025-04-20 N/A
Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check for RTMP packet size mismatches.
CVE-2017-11845 1 Microsoft 2 Edge, Windows 10 2025-04-20 N/A
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability".
CVE-2017-11838 1 Microsoft 10 Chakracore, Edge, Internet Explorer and 7 more 2025-04-20 N/A
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873.
CVE-2017-11643 1 Graphicsmagick 1 Graphicsmagick 2025-04-20 N/A
GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in coders/cmyk.c when processing multiple frames that have non-identical widths.
CVE-2017-10978 3 Debian, Freeradius, Redhat 9 Debian Linux, Freeradius, Enterprise Linux and 6 more 2025-04-20 N/A
An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service.
CVE-2017-7096 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2025-04-20 N/A
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7091 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2025-04-20 N/A
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2014-9836 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file.
CVE-2014-9825 1 Imagemagick 1 Imagemagick 2025-04-20 7.8 High
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824.
CVE-2017-1000198 2 Redhat, Tcmu-runner Project 2 Storage, Tcmu-runner 2025-04-20 N/A
tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid memory references in the handler_glfs.so handler resulting in denial of service
CVE-2017-1000187 1 Swftools 1 Swftools 2025-04-20 N/A
In SWFTools, an address access exception was found in pdf2swf. FoFiTrueType::writeTTF()
CVE-2017-1000176 1 Swftools 1 Swftools 2025-04-20 N/A
In SWFTools, a memcpy buffer overflow was found in swfc.
CVE-2017-0405 1 Google 1 Android 2025-04-20 N/A
A remote code execution vulnerability in Surfaceflinger could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Surfaceflinger process. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-31960359.
CVE-2017-9710 1 Google 1 Android 2025-04-20 N/A
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, IOCTL interface to send QMI NOTIFY REQ messages can be called from multiple contexts which can result in buffer overflow of msg cache.
CVE-2016-10046 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
CVE-2017-0293 1 Microsoft 7 Edge, Windows 10, Windows 8.1 and 4 more 2025-04-20 N/A
Microsoft Windows PDF Library in Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when it improperly handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability".
CVE-2014-9840 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file.
CVE-2016-5796 1 Fatek 2 Automation Fv Designer, Automation Pm Designer 2025-04-20 N/A
An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. Sending additional valid packets could allow the attacker to cause a crash or to execute arbitrary code, because of Improper Restriction of Operations within the Bounds of a Memory Buffer.