Total
9191 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-11213 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Macos, Chrome Os and 8 more | 2025-04-20 | N/A |
| An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer due to an integer overflow; the computation is part of the abstraction that creates an arbitrarily sized transparent or opaque bitmap image. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure. | ||||
| CVE-2016-10244 | 2 Debian, Freetype | 2 Debian Linux, Freetype | 2025-04-20 | N/A |
| The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file. | ||||
| CVE-2016-10226 | 1 Apple | 1 Safari | 2025-04-20 | N/A |
| JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (bitfield out-of-bounds read and application crash) via crafted JavaScript code that is mishandled in the operatorString function, related to assembler/MacroAssemblerARM64.h, assembler/MacroAssemblerX86Common.h, and wasm/WasmB3IRGenerator.cpp. | ||||
| CVE-2016-5434 | 1 Pacman Project | 1 Pacman | 2025-04-20 | N/A |
| libalpm, as used in pacman 5.0.1, allows remote attackers to cause a denial of service (infinite loop or out-of-bounds read) via a crafted signature file. | ||||
| CVE-2016-10197 | 3 Debian, Libevent Project, Redhat | 3 Debian Linux, Libevent, Enterprise Linux | 2025-04-20 | 7.5 High |
| The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname. | ||||
| CVE-2016-5827 | 1 Libical Project | 1 Libical | 2025-04-20 | 7.5 High |
| The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function. | ||||
| CVE-2017-1000173 | 1 Creolabs | 1 Gravity | 2025-04-20 | N/A |
| Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop whiling pushing data to a buffer, we can break out of the bounds checking of that buffer. When list.join is called on the data it will read past a buffer resulting in a Heap-Buffer-Overflow. | ||||
| CVE-2016-10171 | 1 Wavpack Project | 1 Wavpack | 2025-04-20 | N/A |
| The unreorder_channels function in cli/wvunpack.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. | ||||
| CVE-2017-1000126 | 1 Exiv2 | 1 Exiv2 | 2025-04-20 | N/A |
| exiv2 0.26 contains a Stack out of bounds read in webp parser | ||||
| CVE-2016-10170 | 1 Wavpack Project | 1 Wavpack | 2025-04-20 | N/A |
| The WriteCaffHeader function in cli/caff.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. | ||||
| CVE-2017-0854 | 1 Google | 1 Android | 2025-04-20 | N/A |
| An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63873837. | ||||
| CVE-2016-6236 | 1 Lepton Project | 1 Lepton | 2025-04-20 | N/A |
| The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg file. | ||||
| CVE-2016-6238 | 1 Lepton Project | 1 Lepton | 2025-04-20 | N/A |
| The write_ujpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service (out-of-bounds read) via a crafted jpeg file. | ||||
| CVE-2016-7518 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.5 Medium |
| The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file. | ||||
| CVE-2017-0725 | 1 Google | 1 Android | 2025-04-20 | N/A |
| A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-37627194. | ||||
| CVE-2016-9959 | 4 Game-music-emu Project, Opensuse, Opensuse Project and 1 more | 9 Game-music-emu, Leap, Opensuse and 6 more | 2025-04-20 | N/A |
| game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values. | ||||
| CVE-2016-10071 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 5.5 Medium |
| coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file. | ||||
| CVE-2016-9642 | 1 Webkit | 1 Webkit | 2025-04-20 | N/A |
| JavaScriptCore in WebKit allows attackers to cause a denial of service (out-of-bounds heap read) via a crafted Javascript file. | ||||
| CVE-2016-10065 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2025-04-20 | N/A |
| The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. | ||||
| CVE-2016-10029 | 1 Qemu | 1 Qemu | 2025-04-20 | 5.5 Medium |
| The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a scanout id in a VIRTIO_GPU_CMD_SET_SCANOUT command larger than num_scanouts. | ||||