| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The IBM Tivoli Storage Manager (IBM Spectrum Protect) AIX client is vulnerable to a buffer overflow when Journal-Based Backup is enabled. A local attacker could overflow a buffer and execute arbitrary code on the system or cause a system crash. |
| An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. An exploitable memory corruption vulnerability exists, which could lead to disclosure of memory addresses. |
| An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. An exploitable memory corruption vulnerability exists, which could lead to disclosure of memory addresses. |
| A denial of service vulnerability in the Android media framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36215950. |
| A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-35195787. References: B-RB#120532. |
| Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the string_repeat() function. |
| A elevation of privilege vulnerability in the Android framework (wi-fi service). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37207928. |
| A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36998372. |
| A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38448381. |
| In SWFTools, an address access exception was found in swfdump swf_GetBits(). |
| In SWFTools, a memcpy buffer overflow was found in swfc. |
| tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid memory references in the handler_glfs.so handler resulting in denial of service |
| picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack |
| A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors. |
| A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors. |
| NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attackers to more easily manipulate memory leading to arbitrary code execution. This affects NetBSD 7.1 and possibly earlier versions. |
| An issue was discovered in Adobe DNG Converter 9.12.1 and earlier versions. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution. |
| Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrary code or cause a denial of service via a crafted .flv file, related to "Data from Faulting Address may be used as a return value starting at f263!GetWinamp5SystemComponent+0x0000000000001951." |
| IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpAllocateHeap+0x0000000000000429." |
| IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to an "Invalid Handle starting at wow64!Wow64NotifyDebugger+0x000000000000001d." |
