Search
Total
3972 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-14459 | 1 Linuxsampler | 1 Libgig | 2018-09-13 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pData[0] access in the function store16 in helper.h. | |||||
| CVE-2018-3936 | 2 Antennahouse, Linux | 2 Office Server Document Converter, Linux Kernel | 2018-09-07 | 6.8 MEDIUM | 7.8 HIGH |
| In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. | |||||
| CVE-2018-3933 | 2 Antennahouse, Linux | 2 Office Server Document Converter, Linux Kernel | 2018-09-07 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable out-of-bounds write exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312). A crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. This vulnerability occurs in the `vbputanld` method. | |||||
| CVE-2018-3931 | 2 Antennahouse, Linux | 2 Office Server Document Converter, Linux Kernel | 2018-09-06 | 6.8 MEDIUM | 7.8 HIGH |
| In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. This vulnerability occurs in the `putShapeProperty` method. | |||||
| CVE-2018-3930 | 2 Antennahouse, Linux | 2 Office Server Document Converter, Linux Kernel | 2018-09-06 | 6.8 MEDIUM | 7.8 HIGH |
| In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. This vulnerability occurs in the `vbgetfp` method. | |||||
| CVE-2018-4997 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2018-08-29 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2016-9755 | 1 Linux | 1 Linux Kernel | 2018-08-13 | 4.6 MEDIUM | 7.8 HIGH |
| The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service (integer overflow, out-of-bounds write, and GPF) or possibly have unspecified other impact via a crafted application that makes socket, connect, and writev system calls, related to net/ipv6/netfilter/nf_conntrack_reasm.c and net/ipv6/netfilter/nf_defrag_ipv6_hooks.c. | |||||
| CVE-2017-5448 | 3 Debian, Mozilla, Redhat | 9 Debian Linux, Firefox, Firefox Esr and 6 more | 2018-08-09 | 7.5 HIGH | 8.6 HIGH |
| An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Clearkey-encrypted media content. The "ClearKeyDecryptor" code runs within the Gecko Media Plugin (GMP) sandbox. If a second mechanism is found to escape the sandbox, this vulnerability allows for the writing of arbitrary data within memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. | |||||
| CVE-2018-12599 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2018-08-09 | 6.8 MEDIUM | 8.8 HIGH |
| In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file. | |||||
| CVE-2018-12600 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2018-08-09 | 6.8 MEDIUM | 8.8 HIGH |
| In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file. | |||||
| CVE-2017-5436 | 4 Debian, Mozilla, Redhat and 1 more | 11 Debian Linux, Firefox, Firefox Esr and 8 more | 2018-08-07 | 6.8 MEDIUM | 8.8 HIGH |
| An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. | |||||
| CVE-2018-12035 | 1 Virustotal | 1 Yara | 2018-08-01 | 6.8 MEDIUM | 7.8 HIGH |
| In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c. | |||||
| CVE-2017-6292 | 1 Google | 1 Android | 2018-07-27 | 7.2 HIGH | 7.8 HIGH |
| In Android before the 2018-06-05 security patch level, NVIDIA TLZ TrustZone contains a possible out of bounds write due to integer overflow which could lead to local escalation of privilege in the TrustZone with no additional execution privileges needed. User interaction is not needed for exploitation. This issue is rated as high. Version: N/A. Android: A-69480285. Reference: N-CVE-2017-6292. | |||||
| CVE-2017-6294 | 1 Google | 1 Android | 2018-07-27 | 7.2 HIGH | 7.8 HIGH |
| In Android before the 2018-06-05 security patch level, NVIDIA Tegra X1 TZ contains a possible out of bounds write due to missing bounds check which could lead to escalation of privilege from the kernel to the TZ. User interaction is not needed for exploitation. This issue is rated as high. Version: N/A. Android: A-69316825. Reference: N-CVE-2017-6294. | |||||
| CVE-2018-11710 | 1 Openmpt | 1 Libopenmpt | 2018-07-16 | 6.8 MEDIUM | 8.8 HIGH |
| soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted AMS file because of an invalid write near address 0 in an out-of-memory situation. | |||||
| CVE-2018-6235 | 2 Microsoft, Trendmicro | 5 Windows, Antivirus\+, Internet Security and 2 more | 2018-06-28 | 7.2 HIGH | 7.8 HIGH |
| An Out-of-Bounds write privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2017-6293 | 1 Google | 1 Android | 2018-06-14 | 7.2 HIGH | 7.8 HIGH |
| In Android before the 2018-05-05 security patch level, NVIDIA Tegra X1 TZ contains a vulnerability in Widevine TA where the software writes data past the end, or before the beginning, of the intended buffer, which may lead to escalation of Privileges. This issue is rated as high. Android: A-69377364. Reference: N-CVE-2017-6293. | |||||
| CVE-2016-9043 | 1 Corel | 1 Coreldraw | 2018-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). A specially crafted EMF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a specific EMF file to trigger this vulnerability. | |||||
| CVE-2016-8728 | 1 Artifex | 1 Mupdf | 2018-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs to open the specially crafted file in a vulnerable reader in order to trigger this vulnerability. | |||||
| CVE-2016-8730 | 1 Corel | 1 Coreldraw Photo Paint X8 | 2018-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An of bound write / memory corruption vulnerability exists in the GIF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted GIF file can cause a vulnerability resulting in potential memory corruption resulting in code execution. An attacker can send the victim a specific GIF file to trigger this vulnerability. | |||||
| CVE-2017-2803 | 1 Corel | 1 Coreldraw Photo Paint X8 | 2018-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 version 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger this vulnerability. This vulnerability only exists in the 64-bit version. | |||||
| CVE-2017-2804 | 1 Corel | 1 Coreldraw Photo Paint X8 | 2018-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger this vulnerability. | |||||
| CVE-2018-5675 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2018-06-08 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. Crafted data in the PDF file can trigger an out-of-bounds write on a buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. | |||||
| CVE-2017-2811 | 1 Kakadusoftware | 1 Kakadu Sdk | 2018-05-25 | 6.8 MEDIUM | 7.8 HIGH |
| A code execution vulnerability exists in the Kakadu SDK 7.9's parsing of compressed JPEG 2000 images. A specially crafted JPEG 2000 file can be read by the program, and can lead to an out of bounds write causing an exploitable condition to arise. | |||||
| CVE-2017-2812 | 1 Kakadusoftware | 1 Kakadu Sdk | 2018-05-25 | 6.8 MEDIUM | 7.8 HIGH |
| A code execution vulnerability exists in the kdu_buffered_expand function of the Kakadu SDK 7.9. A specially crafted JPEG 2000 file can be read by the program and can lead to an out of bounds write causing an exploitable condition to arise. | |||||
| CVE-2018-3889 | 1 Pl32 | 1 Photoline | 2018-05-18 | 6.8 MEDIUM | 7.8 HIGH |
| A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution. | |||||
| CVE-2018-3862 | 1 Computer-insel | 1 Photoline | 2018-05-16 | 6.8 MEDIUM | 7.8 HIGH |
| A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting | |||||
| CVE-2018-3861 | 1 Computer-insel | 1 Photoline | 2018-05-16 | 6.8 MEDIUM | 7.8 HIGH |
| A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution. | |||||
| CVE-2018-3888 | 1 Pl32 | 1 Photoline | 2018-05-11 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution. | |||||
| CVE-2018-3887 | 1 Pl32 | 1 Photoline | 2018-05-11 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution. | |||||
| CVE-2018-3886 | 1 Pl32 | 1 Photoline | 2018-05-11 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution. | |||||
| CVE-2017-13293 | 1 Google | 1 Android | 2018-05-10 | 7.2 HIGH | 7.8 HIGH |
| In the nfc_hci_cmd_received() function of core.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-62679701. | |||||
| CVE-2017-13277 | 1 Google | 1 Android | 2018-05-09 | 9.3 HIGH | 7.8 HIGH |
| In ihevcd_fmt_conv of ihevcd_fmt_conv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-72165027. | |||||
| CVE-2017-13248 | 1 Google | 1 Android | 2018-05-09 | 9.3 HIGH | 7.8 HIGH |
| In impeg2_idct_recon_sse42() of impeg2_idct_recon_sse42_intr.c, there is an out of bound write due to a missing bounds check. This could lead to an remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-70349612. | |||||
| CVE-2017-13249 | 1 Google | 1 Android | 2018-05-09 | 9.3 HIGH | 7.8 HIGH |
| In impeg2d_api_set_display_frame of impeg2d_api_main.c, there is an out of bound write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-70399408. | |||||
| CVE-2017-13250 | 1 Google | 1 Android | 2018-05-09 | 9.3 HIGH | 7.8 HIGH |
| In ih264d_fmt_conv_420sp_to_420p of ih264d_utils.c, there is an out of bound write due to a missing out of bounds check because of a multiplication error. This could lead to an remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-71375536. | |||||
| CVE-2017-13251 | 1 Google | 1 Android | 2018-05-08 | 9.3 HIGH | 7.8 HIGH |
| In impeg2d_dec_pic_data_thread of impeg2d_dec_hdr.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when running multi threaded with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69269702. | |||||
| CVE-2017-13253 | 1 Google | 1 Android | 2018-05-08 | 9.3 HIGH | 7.8 HIGH |
| In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-71389378. | |||||
| CVE-2017-13255 | 1 Google | 1 Android | 2018-05-08 | 8.3 HIGH | 8.8 HIGH |
| In process_service_attr_req of sdp_server.c, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68776054. | |||||
| CVE-2017-13256 | 1 Google | 1 Android | 2018-05-08 | 8.3 HIGH | 8.8 HIGH |
| In process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68817966. | |||||
| CVE-2018-5717 | 1 Ncr | 2 S2 Dispenser Controller, S2 Dispenser Controller Firmware | 2018-04-20 | 7.8 HIGH | 7.5 HIGH |
| Memory write mechanism in NCR S2 Dispenser controller before firmware version 0x0108 allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities. | |||||
| CVE-2017-12111 | 1 Libxls Project | 1 Libxls | 2018-04-18 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable out-of-bounds vulnerability exists in the xls_addCell function of libxls 1.4. A specially crafted XLS file with a formula record can cause memory corruption resulting in remote code execution. An attacker can send a malicious XLS file to trigger this vulnerability. | |||||
| CVE-2017-7294 | 1 Linux | 1 Linux Kernel | 2018-04-12 | 7.2 HIGH | 7.8 HIGH |
| The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device. | |||||
| CVE-2014-8129 | 4 Apple, Debian, Libtiff and 1 more | 8 Iphone Os, Mac Os X, Debian Linux and 5 more | 2018-04-06 | 6.8 MEDIUM | 8.8 HIGH |
| LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c. | |||||
| CVE-2016-5314 | 4 Debian, Libtiff, Opensuse and 1 more | 5 Debian Linux, Libtiff, Leap and 2 more | 2018-04-05 | 6.8 MEDIUM | 8.8 HIGH |
| Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr. | |||||
| CVE-2017-6286 | 1 Google | 1 Android | 2018-04-04 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA libnvomx contains a possible out of bounds write due to a missing bounds check which could lead to local escalation of privilege. This issue is rated as high. Product: Android. Version: N/A. Android: A-64893247. Reference: N-CVE-2017-6286. | |||||
| CVE-2017-6281 | 1 Google | 1 Android | 2018-04-04 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA libnvomx contains a possible out of bounds write due to a improper input validation which could lead to local escalation of privilege. This issue is rated as high. Product: Android. Version: N/A. Android: A-66969318. Reference: N-CVE-2017-6281. | |||||
| CVE-2017-17227 | 1 Huawei | 2 Mate 10, Mate 10 Firmware | 2018-03-26 | 9.3 HIGH | 7.8 HIGH |
| GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120(C212); The versions before ALP-L09 8.0.0.127(C900); The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652) has a out-of-bounds memory access vulnerability due to the input parameters validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can call the driver with special parameter and cause accessing out-of-bounds memory. Successful exploit may result in phone crash or arbitrary code execution. | |||||
| CVE-2017-11335 | 1 Libtiff | 1 Libtiff | 2018-03-22 | 6.8 MEDIUM | 8.8 HIGH |
| There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a remote denial of service attack or an arbitrary code execution attack. | |||||
| CVE-2018-4898 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2018-03-19 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the XPS engine that adds vector graphics and images to a fixed page. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code. | |||||