Total
9176 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-9810 | 2 Gstreamer, Redhat | 2 Gstreamer, Enterprise Linux | 2025-04-20 | N/A |
| The gst_decode_chain_free_internal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via an invalid file, which triggers an incorrect unref call. | ||||
| CVE-2017-8268 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the camera application can possibly request frame/command buffer processing with invalid values leading to the driver performing a heap buffer over-read. | ||||
| CVE-2017-14160 | 2 Debian, Xiph.org | 2 Debian Linux, Libvorbis | 2025-04-20 | 8.8 High |
| The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact via a crafted mp4 file. | ||||
| CVE-2016-9050 | 1 Aerospike | 1 Database Server | 2025-04-20 | 8.2 High |
| An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds read resulting in disclosure of memory within the process, the same vulnerability can also be used to trigger a denial of service. An attacker can simply connect to the port and send the packet to trigger this vulnerability. | ||||
| CVE-2016-8574 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-04-20 | N/A |
| The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print(). | ||||
| CVE-2017-14410 | 1 Mp3gain | 1 Mp3gain | 2025-04-20 | N/A |
| A buffer over-read was discovered in III_i_stereo in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service. | ||||
| CVE-2016-7975 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-04-20 | N/A |
| The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print(). | ||||
| CVE-2017-11060 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_PASSPOINT_LIST and QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_LIST cfg80211 vendor commands in __wlan_hdd_cfg80211_set_passpoint_list and hdd_extscan_passpoint_fill_network_list function respectively. Android ID: A-36817548. References: QC-CR#2058447, QC-CR#2054770. | ||||
| CVE-2016-7932 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-04-20 | N/A |
| The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum(). | ||||
| CVE-2017-11064 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_PASSPOINT_LIST and QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_LIST cfg80211 vendor commands in __wlan_hdd_cfg80211_set_passpoint_list and hdd_extscan_passpoint_fill_network_list function respectively. Android ID: A-36815952. References: QC-CR#2054770, QC-CR#2058447, QC-CR#2066628, QC-CR#2087785 | ||||
| CVE-2016-7532 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.5 Medium |
| coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file. | ||||
| CVE-2016-7516 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 6.5 Medium |
| The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file. | ||||
| CVE-2017-9782 | 1 Jasper Project | 1 Jasper | 2025-04-20 | N/A |
| JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec.c. | ||||
| CVE-2017-11114 | 1 Twibright | 1 Links | 2025-04-20 | N/A |
| The put_chars function in html_r.c in Twibright Links 2.14 allows remote attackers to cause a denial of service (buffer over-read) via a crafted HTML file. | ||||
| CVE-2022-32948 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-04-18 | 7.8 High |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-23523 | 1 Linux-loader Project | 1 Linux-loader | 2025-04-18 | 4 Medium |
| In versions prior to 0.8.1, the linux-loader crate uses the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets point beyond the end of the file this could lead to Virtual Machine Monitors using the `linux-loader` crate entering an infinite loop if the ELF header of the kernel they are loading was modified in a malicious manner. This issue has been addressed in 0.8.1. The issue can be mitigated by ensuring that only trusted kernel images are loaded or by verifying that the headers do not point beyond the end of the file. | ||||
| CVE-2022-20557 | 1 Google | 1 Android | 2025-04-18 | 6.7 Medium |
| In MessageQueueBase of MessageQueueBase.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-247092734 | ||||
| CVE-2022-20555 | 1 Google | 1 Android | 2025-04-18 | 4.4 Medium |
| In ufdt_get_node_by_path_len of ufdt_convert.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246194233 | ||||
| CVE-2022-20528 | 1 Google | 1 Android | 2025-04-18 | 3.3 Low |
| In findParam of HevcUtils.cpp there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-230172711 | ||||
| CVE-2022-20593 | 1 Google | 1 Android | 2025-04-18 | 4.4 Medium |
| In pop_descriptor_string of BufferDescriptor.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239415809References: N/A | ||||