Total
14732 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4051 | 4 Canonical, Oracle, Redhat and 1 more | 4 Ubuntu Linux, Linux, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute arbitrary code by seeding manager reports with crafted data. | ||||
| CVE-2016-1737 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| Carbon in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dfont file. | ||||
| CVE-2016-1736 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1735. | ||||
| CVE-2014-9204 | 1 Rockwellautomation | 1 Rslinx | 2025-04-12 | N/A |
| Stack-based buffer overflow in OPCTest.exe in Rockwell Automation RSLinx Classic before 3.73.00 allows remote attackers to execute arbitrary code via a crafted CSV file. | ||||
| CVE-2014-0069 | 3 Linux, Redhat, Suse | 11 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 8 more | 2025-04-12 | N/A |
| The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer. | ||||
| CVE-2016-1131 | 1 Dx Library Project | 1 Dx Library | 2025-04-12 | N/A |
| Buffer overflow in the CL_vsprintf function in Takumi Yamada DX Library before 3.16 allows remote attackers to execute arbitrary code via a crafted string. | ||||
| CVE-2014-9203 | 2 Ge, Mactek | 4 12400 Level Transmitter Device Type Manager, Svi Ii Ap Positioner Device Type Manager, Vector Device Type Manager and 1 more | 2025-04-12 | N/A |
| Buffer overflow in the Field Device Tool (FDT) Frame application in the HART Device Type Manager (DTM) library, as used in MACTek Bullet DTM 1.00.0, GE Vector DTM 1.00.0, GE SVi1000 Positioner DTM 1.00.0, GE SVI II AP Positioner DTM 2.00.1, and GE 12400 Level Transmitter DTM 1.00.0, allows remote attackers to cause a denial of service (DTM outage) via crafted packets. | ||||
| CVE-2014-9206 | 1 Schneider-electric | 1 Device Type Manager | 2025-04-12 | N/A |
| Stack-based buffer overflow in Device Type Manager (DTM) 3.1.6 and earlier for Schneider Electric Invensys SRD Control Valve Positioner devices 960 and 991 allows local users to gain privileges via a malformed DLL file. | ||||
| CVE-2014-9317 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | N/A |
| The decode_ihdr_chunk function in libavcodec/pngdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via an IDAT before an IHDR in a PNG file. | ||||
| CVE-2016-1799 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| Audio in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | ||||
| CVE-2016-3248 | 1 Microsoft | 2 Edge, Internet Explorer | 2025-04-12 | N/A |
| The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3259. | ||||
| CVE-2014-2796 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | N/A |
| Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2808, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067. | ||||
| CVE-2015-1472 | 3 Canonical, Gnu, Redhat | 4 Ubuntu Linux, Glibc, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call. | ||||
| CVE-2015-6049 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | N/A |
| Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6048. | ||||
| CVE-2013-6691 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| The WebVPN CIFS implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) and earlier allows remote CIFS servers to cause a denial of service (device reload) via a long share list, aka Bug ID CSCuj83344. | ||||
| CVE-2016-4597 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4600, and CVE-2016-4602. | ||||
| CVE-2014-2808 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | N/A |
| Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067. | ||||
| CVE-2016-4598 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image. | ||||
| CVE-2016-4640 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context, obtain sensitive user information, or cause a denial of service (memory corruption) via a crafted app. | ||||
| CVE-2016-2563 | 2 9bis, Simon Tatham | 2 Kitty, Putty | 2025-04-12 | N/A |
| Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request. | ||||