Total
12649 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-8618 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2024-09-17 | N/A |
| Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 Internet Explorer in the way affected Microsoft scripting engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-8596, CVE-2017-8610, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, CVE-2017-8619, CVE-2017-9598 and CVE-2017-8609. | ||||
| CVE-2018-12112 | 1 Md4c Project | 1 Md4c | 2024-09-17 | N/A |
| md_build_attribute in md4c.c in md4c 0.2.6 allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact via a crafted file. | ||||
| CVE-2017-11895 | 1 Microsoft | 10 Chakracore, Edge, Internet Explorer and 7 more | 2024-09-17 | N/A |
| ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. | ||||
| CVE-2018-8793 | 3 Debian, Opensuse, Rdesktop | 3 Debian Linux, Leap, Rdesktop | 2024-09-17 | 9.8 Critical |
| rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even a remote code execution. | ||||
| CVE-2017-8619 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2016 | 2024-09-17 | N/A |
| Microsoft Edge on Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way affected Microsoft scripting engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-8596, CVE-2017-8610, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, CVE-2017-8618, CVE-2017-9598 and CVE-2017-8609. | ||||
| CVE-2007-6442 | 2024-09-17 | N/A | ||
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6114. Reason: This candidate is a duplicate of CVE-2007-6114. Notes: All CVE users should reference CVE-2007-6114 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
| CVE-2017-0357 | 2 Debian, Iucode-tool Project | 2 Debian Linux, Iucode-tool | 2024-09-17 | N/A |
| A heap-overflow flaw exists in the -tr loader of iucode-tool starting with v1.4 and before v2.1.1, potentially leading to SIGSEGV, or heap corruption. | ||||
| CVE-2018-3874 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2024-09-17 | 9.9 Critical |
| An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 32 bytes. An attacker can send an arbitrarily long "accessKey" value in order to exploit this vulnerability. | ||||
| CVE-2011-4535 | 2 Craig Peterson, Scadatec | 3 Turbopower Abbrevia, Modbustagserver, Scadaphone | 2024-09-17 | N/A |
| Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ScadaPhone 5.3.11.1230 and earlier, ScadaTEC ModbusTagServer 4.1.1.81 and earlier, and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP file. | ||||
| CVE-2021-32537 | 1 Realtek | 1 Hda Driver | 2024-09-17 | 6.5 Medium |
| Realtek HAD contains a driver crashed vulnerability which allows local side attackers to send a special string to the kernel driver in a user’s mode. Due to unexpected commands, the kernel driver will cause the system crashed. | ||||
| CVE-2010-1808 | 1 Apple | 3 Apple Type Services, Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
| Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document. | ||||
| CVE-2015-9041 | 1 Google | 1 Android | 2024-09-17 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists when performing WCDMA radio tuning. | ||||
| CVE-2017-2698 | 1 Huawei | 2 P8, P8 Firmware | 2024-09-17 | N/A |
| The ddr_devfreq driver in versions earlier than GRA-UL00C00B197 has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system or escalate privilege. | ||||
| CVE-2017-11792 | 1 Microsoft | 3 Chakracore, Edge, Windows 10 | 2024-09-17 | N/A |
| ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11793, CVE-2017-11796, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. | ||||
| CVE-2017-11807 | 1 Microsoft | 3 Chakracore, Edge, Windows 10 | 2024-09-17 | N/A |
| ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. | ||||
| CVE-2015-8593 | 1 Google | 1 Android | 2024-09-17 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing. | ||||
| CVE-2011-5122 | 1 Comodo | 1 Comodo Internet Security | 2024-09-17 | N/A |
| The Antivirus component in Comodo Internet Security before 5.3.175888.1227 allows remote attackers to cause a denial of service (application crash) via a crafted compressed file. | ||||
| CVE-2011-4186 | 2 Microsoft, Novell | 2 Windows, Iprint | 2024-09-17 | N/A |
| Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url, a different vulnerability than CVE-2011-1705. | ||||
| CVE-2013-1226 | 1 Cisco | 5 Nexus 7000, Nexus 7000 10-slot, Nexus 7000 18-slot and 2 more | 2024-09-17 | N/A |
| The Ethernet frame-forwarding implementation in Cisco NX-OS on Nexus 7000 devices allows remote attackers to cause a denial of service (forwarding loop and service outage) via a crafted frame, aka Bug ID CSCug47098. | ||||
| CVE-2015-9181 | 1 Qualcomm | 46 Msm8909w, Msm8909w Firmware, Sd 205 and 43 more | 2024-09-17 | N/A |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, in a crypto API function, a buffer over-read can occur. | ||||