Total
14498 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-2418 | 1 Google | 1 Android | 2025-04-12 | N/A |
| media/libmedia/IOMX.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize certain metadata buffer pointers, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26324358. | ||||
| CVE-2015-5295 | 4 Fedoraproject, Openstack, Oracle and 1 more | 4 Fedora, Orchestration Api, Solaris and 1 more | 2025-04-12 | N/A |
| The template-validate command in OpenStack Orchestration API (Heat) before 2015.1.3 (kilo) and 5.0.x before 5.0.1 (liberty) allows remote authenticated users to cause a denial of service (memory consumption) or determine the existence of local files via the resource type in a template, as demonstrated by file:///dev/zero. | ||||
| CVE-2014-7913 | 2 Dhcpcd Project, Google | 2 Dhcpcd, Android | 2025-04-12 | N/A |
| The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other products, misinterprets the return value of the snprintf function, which allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted message. | ||||
| CVE-2016-1063 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2025-04-12 | N/A |
| Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105. | ||||
| CVE-2014-8001 | 1 Cisco | 1 Openh264 | 2025-04-12 | N/A |
| Buffer overflow in decode.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file. | ||||
| CVE-2014-8002 | 1 Cisco | 1 Openh264 | 2025-04-12 | N/A |
| Use-after-free vulnerability in decode_slice.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file. | ||||
| CVE-2015-3078 | 5 Adobe, Apple, Linux and 2 more | 8 Air, Air Sdk, Air Sdk \& Compiler and 5 more | 2025-04-12 | N/A |
| Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3089, CVE-2015-3090, and CVE-2015-3093. | ||||
| CVE-2012-6429 | 1 Samsung | 1 Kies | 2025-04-12 | N/A |
| Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the password argument. | ||||
| CVE-2016-1971 | 2 Microsoft, Mozilla | 2 Windows, Firefox | 2025-04-12 | N/A |
| The I420VideoFrame::CreateFrame function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows omits an unspecified status check, which might allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors. | ||||
| CVE-2014-8123 | 1 Antiword Project | 1 Antiword | 2025-04-12 | N/A |
| Buffer overflow in the bGetPPS function in wordole.c in Antiword 0.37 allows remote attackers to cause a denial of service (crash) via a crafted document. | ||||
| CVE-2015-7552 | 2 Opensuse, Redhat | 2 Opensuse, Enterprise Linux | 2025-04-12 | N/A |
| Heap-based buffer overflow in the gdk_pixbuf_flip function in gdk-pixbuf-scale.c in gdk-pixbuf 2.30.x allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted BMP file. | ||||
| CVE-2016-1963 | 1 Mozilla | 1 Firefox | 2025-04-12 | N/A |
| The FileReader class in Mozilla Firefox before 45.0 allows local users to gain privileges or cause a denial of service (memory corruption) by changing a file during a FileReader API read operation. | ||||
| CVE-2014-8385 | 1 Advantech | 6 Eki-1200 Gateway Series Firmware, Eki-1221, Eki-1221d and 3 more | 2025-04-12 | N/A |
| Buffer overflow on Advantech EKI-1200 gateways with firmware before 1.63 allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2014-8388 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document. | ||||
| CVE-2014-8611 | 2 Apple, Freebsd | 3 Iphone Os, Mac Os X, Freebsd | 2025-04-12 | N/A |
| The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application. | ||||
| CVE-2016-1901 | 2 Cgit Project, Fedoraproject | 2 Cgit, Fedora | 2025-04-12 | N/A |
| Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow. | ||||
| CVE-2014-8769 | 1 Redhat | 1 Tcpdump | 2025-04-12 | N/A |
| tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access. | ||||
| CVE-2014-8920 | 1 Ibm | 1 I Access | 2025-04-12 | N/A |
| Buffer overflow in the Data Transfer Program in IBM i Access 5770-XE1 5R4, 6.1, and 7.1 on Windows allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2014-8962 | 2 Flac, Redhat | 2 Libflac, Enterprise Linux | 2025-04-12 | N/A |
| Stack-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file. | ||||
| CVE-2014-9202 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Multiple stack-based buffer overflows in an unspecified DLL file in Advantech WebAccess before 8.0_20150816 allow remote attackers to execute arbitrary code via a crafted file that triggers long string arguments to functions. | ||||