Search Results (3395 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-5129 1 Xchat 1 Xchat 2025-04-11 N/A
Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long response string.
CVE-2011-3026 5 Apple, Google, Opensuse and 2 more 8 Iphone Os, Mac Os X, Mac Os X Server and 5 more 2025-04-11 N/A
Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.
CVE-2010-2642 3 Redhat, T1lib, Tug 4 Enterprise Linux, Evince, T1lib and 1 more 2025-04-11 N/A
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
CVE-2010-2810 1 Lynx 1 Lynx 2025-04-11 N/A
Heap-based buffer overflow in the convert_to_idna function in WWW/Library/Implementation/HTParse.c in Lynx 2.8.8dev.1 through 2.8.8dev.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed URL containing a % (percent) character in the domain name.
CVE-2013-4397 2 Feep, Redhat 2 Libtar, Enterprise Linux 2025-04-11 N/A
Multiple integer overflows in the th_read function in lib/block.c in libtar before 1.2.20 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) name or (2) link in an archive, which triggers a heap-based buffer overflow.
CVE-2013-2064 7 Canonical, Debian, Fedoraproject and 4 more 7 Ubuntu Linux, Debian Linux, Fedora and 4 more 2025-04-11 N/A
Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function.
CVE-2013-4243 3 Debian, Libtiff, Redhat 3 Debian Linux, Libtiff, Enterprise Linux 2025-04-11 N/A
Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image.
CVE-2023-36824 2 Fedoraproject, Redis 2 Fedora, Redis 2025-04-10 7.4 High
Redis is an in-memory database that persists on disk. In Redit 7.0 prior to 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Several scenarios that may lead to authenticated users executing a specially crafted `COMMAND GETKEYS` or `COMMAND GETKEYSANDFLAGS`and authenticated users who were set with ACL rules that match key names, executing a specially crafted command that refers to a variadic list of key names. The vulnerability is patched in Redis 7.0.12.
CVE-2022-40661 1 Nikon 1 Nis-elements Viewer 2025-04-10 7.8 High
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15134.
CVE-2023-45591 1 Ailux 1 Imx6 2025-04-10 7.5 High
A CWE-122 “Heap-based Buffer Overflow” vulnerability in the “logger_generic” function of the “Ax_rtu” binary allows a remote authenticated attacker to trigger a memory corruption in the context of the binary. This may result in a Denial-of-Service (DoS) condition, possibly in the execution of arbitrary code with the same privileges of the process (root), or have other unspecified impacts on the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
CVE-2022-4801 1 Usememos 1 Memos 2025-04-10 5.3 Medium
Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4813 1 Usememos 1 Memos 2025-04-10 4.3 Medium
Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-44428 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-10 5.5 Medium
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-44427 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-10 5.5 Medium
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-44430 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-10 5.5 Medium
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-44429 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-10 5.5 Medium
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
CVE-2021-3966 1 Zephyrproject 1 Zephyr 2025-04-09 9.6 Critical
usb device bluetooth class includes a buffer overflow related to implementation of net_buf_add_mem.
CVE-2023-0049 2 Fedoraproject, Vim 2 Fedora, Vim 2025-04-09 7.8 High
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.
CVE-2023-0051 1 Vim 1 Vim 2025-04-09 7.8 High
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144.
CVE-2023-29370 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-04-08 7.8 High
Windows Media Remote Code Execution Vulnerability