Search
Total
1785 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-8453 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2017-05-12 | 6.8 MEDIUM | 8.8 HIGH |
| Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document. | |||||
| CVE-2017-8454 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2017-05-12 | 6.8 MEDIUM | 8.8 HIGH |
| Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document. | |||||
| CVE-2017-8294 | 1 Virustotal | 1 Yara | 2017-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_exec function. | |||||
| CVE-2017-5923 | 1 Virustotal | 1 Yara | 2017-05-02 | 5.0 MEDIUM | 7.5 HIGH |
| libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted rule that is mishandled in the yara_yyparse function. | |||||
| CVE-2016-10226 | 1 Apple | 1 Safari | 2017-04-11 | 5.0 MEDIUM | 7.5 HIGH |
| JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (bitfield out-of-bounds read and application crash) via crafted JavaScript code that is mishandled in the operatorString function, related to assembler/MacroAssemblerARM64.h, assembler/MacroAssemblerX86Common.h, and wasm/WasmB3IRGenerator.cpp. | |||||
| CVE-2017-7304 | 1 Gnu | 1 Binutils | 2017-03-31 | 5.0 MEDIUM | 7.5 HIGH |
| The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 8) because of missing a check (in the copy_special_section_fields function) for an invalid sh_link field before attempting to follow it. This vulnerability causes Binutils utilities like strip to crash. | |||||
| CVE-2017-7277 | 1 Linux | 1 Linux Kernel | 2017-03-31 | 6.6 MEDIUM | 7.1 HIGH |
| The TCP stack in the Linux kernel through 4.10.6 mishandles the SCM_TIMESTAMPING_OPT_STATS feature, which allows local users to obtain sensitive information from the kernel's internal socket data structures or cause a denial of service (out-of-bounds read) via crafted system calls, related to net/core/skbuff.c and net/socket.c. | |||||
| CVE-2017-7303 | 1 Gnu | 1 Binutils | 2017-03-31 | 5.0 MEDIUM | 7.5 HIGH |
| The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 4) because of missing a check (in the find_link function) for null headers before attempting to match them. This vulnerability causes Binutils utilities like strip to crash. | |||||
| CVE-2017-7300 | 1 Gnu | 1 Binutils | 2017-03-31 | 5.0 MEDIUM | 7.5 HIGH |
| The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read (off-by-one) because of an incomplete check for invalid string offsets while loading symbols, leading to a GNU linker (ld) program crash. | |||||
| CVE-2017-7302 | 1 Gnu | 1 Binutils | 2017-03-31 | 5.0 MEDIUM | 7.5 HIGH |
| The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a swap_std_reloc_out function in bfd/aoutx.h that is vulnerable to an invalid read (of size 4) because of missing checks for relocs that could not be recognised. This vulnerability causes Binutils utilities like strip to crash. | |||||
| CVE-2015-8763 | 1 Freeradius | 1 Freeradius | 2017-03-30 | 6.8 MEDIUM | 8.1 HIGH |
| The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impact via a crafted (1) commit or (2) confirm message, which triggers an out-of-bounds read. | |||||
| CVE-2016-2374 | 3 Canonical, Debian, Pidgin | 3 Ubuntu Linux, Debian Linux, Pidgin | 2017-03-30 | 6.8 MEDIUM | 8.1 HIGH |
| An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT MultiMX message sent via the server can result in an out-of-bounds write leading to memory disclosure and code execution. | |||||
| CVE-2017-7263 | 1 Potrace Project | 1 Potrace | 2017-03-29 | 6.8 MEDIUM | 7.8 HIGH |
| The bm_readbody_bmp function in bitmap_io.c in Potrace 1.14 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8698. | |||||
| CVE-2016-9275 | 1 Libdwarf Project | 1 Libdwarf | 2017-03-27 | 5.0 MEDIUM | 7.5 HIGH |
| Heap-based buffer overflow in the _dwarf_skim_forms function in libdwarf/dwarf_macro5.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read). | |||||
| CVE-2016-9276 | 1 Libdwarf Project | 1 Libdwarf | 2017-03-27 | 5.0 MEDIUM | 7.5 HIGH |
| The dwarf_get_aranges_list function in dwarf_arrange.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read). | |||||
| CVE-2017-2786 | 1 Pharos | 1 Popup | 2017-03-14 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service vulnerability exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to an out of bounds read causing a crash and a denial of service. | |||||
| CVE-2017-6347 | 1 Linux | 1 Linux Kernel | 2017-03-03 | 7.2 HIGH | 7.8 HIGH |
| The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system calls, as demonstrated by use of the MSG_MORE flag in conjunction with loopback UDP transmission. | |||||
| CVE-2016-8388 | 1 Iceni | 1 Argus | 2017-03-02 | 9.3 HIGH | 7.8 HIGH |
| An exploitable arbitrary heap-overwrite vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will explicitly trust an index within the specific font object and use it to write the font's name to a single object within an array of objects. | |||||
| CVE-2016-5043 | 1 Libdwarf Project | 1 Libdwarf | 2017-02-22 | 5.0 MEDIUM | 7.5 HIGH |
| The dwarf_dealloc function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted DWARF section. | |||||
| CVE-2016-5039 | 1 Libdwarf Project | 1 Libdwarf | 2017-02-22 | 5.0 MEDIUM | 7.5 HIGH |
| The get_attr_value function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted object with all-bits on. | |||||
| CVE-2016-5040 | 1 Libdwarf Project | 1 Libdwarf | 2017-02-22 | 4.3 MEDIUM | 7.5 HIGH |
| libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a large length value in a compilation unit header. | |||||
| CVE-2016-5038 | 1 Libdwarf Project | 1 Libdwarf | 2017-02-22 | 5.0 MEDIUM | 7.5 HIGH |
| The dwarf_get_macro_startend_file function in dwarf_macro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted string offset for .debug_str. | |||||
| CVE-2016-5036 | 1 Libdwarf Project | 1 Libdwarf | 2017-02-22 | 5.0 MEDIUM | 7.5 HIGH |
| The dump_block function in print_sections.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted frame data. | |||||
| CVE-2016-9050 | 1 Aerospike | 1 Database Server | 2017-01-28 | 6.4 MEDIUM | 8.2 HIGH |
| An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds read resulting in disclosure of memory within the process, the same vulnerability can also be used to trigger a denial of service. An attacker can simply connect to the port and send the packet to trigger this vulnerability. | |||||
| CVE-2017-5556 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2017-01-26 | 5.8 MEDIUM | 8.1 HIGH |
| The ConvertToPDF plugin in Foxit Reader before 8.2 and PhantomPDF before 8.2 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. The vulnerability could lead to information disclosure; an attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. | |||||
| CVE-2016-9109 | 1 Artifex | 1 Mujs | 2017-01-20 | 5.0 MEDIUM | 7.5 HIGH |
| Artifex Software MuJS allows attackers to cause a denial of service (crash) via vectors related to incomplete escape sequences. NOTE: this vulnerability exists due to an incomplete fix for CVE-2016-7563. | |||||
| CVE-2016-7563 | 1 Artifex | 1 Mujs | 2017-01-20 | 5.0 MEDIUM | 7.5 HIGH |
| The chartorune function in Artifex Software MuJS allows attackers to cause a denial of service (out-of-bounds read) via a * (asterisk) at the end of the input. | |||||
| CVE-2016-6891 | 1 Matrixssl | 1 Matrixssl | 2017-01-06 | 5.0 MEDIUM | 7.5 HIGH |
| MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Field primitive in an X.509 certificate. | |||||
| CVE-2016-9777 | 1 Linux | 1 Linux Kernel | 2016-12-31 | 6.9 MEDIUM | 7.8 HIGH |
| KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h. | |||||
| CVE-2016-7506 | 1 Artifex | 1 Mujs | 2016-12-02 | 5.0 MEDIUM | 7.5 HIGH |
| An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc. MuJS before 5000749f5afe3b956fc916e407309de840997f4a. A successful exploitation of this issue can lead to code execution or denial of service condition. | |||||
| CVE-2016-8878 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2016-11-29 | 6.8 MEDIUM | 8.8 HIGH |
| Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return value starting at FOXITREADER." | |||||
| CVE-2016-8876 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2016-11-29 | 6.8 MEDIUM | 7.5 HIGH |
| Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader." | |||||
| CVE-2016-9017 | 1 Artifex | 1 Mujs | 2016-11-29 | 5.0 MEDIUM | 7.5 HIGH |
| Artifex Software, Inc. MuJS before a5c747f1d40e8d6659a37a8d25f13fb5acf8e767 allows context-dependent attackers to obtain sensitive information by using the "opname in crafted JavaScript file" approach, related to an "Out-of-Bounds read" issue affecting the jsC_dumpfunction function in the jsdump.c component. | |||||
| CVE-2016-3854 | 1 Google | 1 Android | 2016-11-28 | 6.8 MEDIUM | 7.8 HIGH |
| drivers/media/video/msm/msm_mctl_buf.c in the Qualcomm components in Android before 2016-08-05 does not validate the image mode, which allows attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted application, aka Qualcomm internal bug CR897326. | |||||
| CVE-2016-3855 | 1 Google | 1 Android | 2016-11-28 | 6.8 MEDIUM | 7.8 HIGH |
| drivers/thermal/supply_lm_core.c in the Qualcomm components in Android before 2016-08-05 does not validate a certain count parameter, which allows attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted application, aka Qualcomm internal bug CR990824. | |||||