Export limit exceeded: 41610 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (41610 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-9598 | 2 Redhat, Xmlsoft | 2 Jboss Core Services, Libxml2 | 2024-11-21 | 6.5 Medium |
| libxml2, as used in Red Hat JBoss Core Services, allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted XML document. NOTE: this vulnerability exists because of a missing fix for CVE-2016-4483. | ||||
| CVE-2016-9597 | 6 Canonical, Debian, Hp and 3 more | 7 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 4 more | 2024-11-21 | N/A |
| It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705. | ||||
| CVE-2016-9586 | 2 Haxx, Redhat | 2 Curl, Rhel Software Collections | 2024-11-21 | N/A |
| curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks. | ||||
| CVE-2016-9583 | 3 Jasper Project, Oracle, Redhat | 9 Jasper, Outside In Technology, Enterprise Linux and 6 more | 2024-11-21 | N/A |
| An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input. | ||||
| CVE-2016-9581 | 1 Uclouvain | 1 Openjpeg | 2024-11-21 | N/A |
| An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2. | ||||
| CVE-2016-9580 | 1 Uclouvain | 1 Openjpeg | 2024-11-21 | N/A |
| An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow. | ||||
| CVE-2016-9577 | 3 Debian, Redhat, Spice Project | 8 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2024-11-21 | N/A |
| A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution. | ||||
| CVE-2016-9573 | 3 Debian, Redhat, Uclouvain | 8 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2024-11-21 | N/A |
| An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap. | ||||
| CVE-2016-9570 | 1 Carbonblack | 1 Carbon Black | 2024-11-21 | N/A |
| cb.exe in Carbon Black 5.1.1.60603 allows attackers to cause a denial of service (out-of-bounds read, invalid pointer dereference, and application crash) by leveraging access to the NetMon named pipe. | ||||
| CVE-2016-9569 | 1 Carbonblack | 1 Carbon Black | 2024-11-21 | N/A |
| The cbstream.sys driver in Carbon Black 5.1.1.60603 allows local users with admin privileges to cause a denial of service (out-of-bounds read and system crash) via a large counter value in an 0x62430028 IOCTL call. | ||||
| CVE-2016-9080 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A |
| Memory safety bugs were reported in Firefox 50.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 50.1. | ||||
| CVE-2016-9063 | 3 Debian, Mozilla, Python | 3 Debian Linux, Firefox, Python | 2024-11-21 | 9.8 Critical |
| An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50. | ||||
| CVE-2016-8783 | 1 Huawei | 4 Honor 6, Honor 6 Firmware, P9 Plus and 1 more | 2024-11-21 | N/A |
| Touchscreen drive in Huawei H60 (Honor 6) Versions earlier than H60-L02_6.12.16 and P9 Plus Versions earlier than VIE-AL10BC00B356 has a stack overflow vulnerabilities. An attacker tricks a user into installing a malicious application on the smart phone, and send given parameter to touchscreen drive to crash the system or escalate privilege. | ||||
| CVE-2016-8729 | 1 Artifex | 1 Mupdf | 2024-11-21 | 7.8 High |
| An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the victim to trigger this vulnerability. | ||||
| CVE-2016-8654 | 3 Debian, Jasper Project, Redhat | 8 Debian Linux, Jasper, Enterprise Linux and 5 more | 2024-11-21 | N/A |
| A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected. | ||||
| CVE-2016-8622 | 2 Haxx, Redhat | 3 Libcurl, Jboss Core Services, Rhel Software Collections | 2024-11-21 | N/A |
| The URL percent-encoding decode function in libcurl before 7.51.0 is called `curl_easy_unescape`. Internally, even if this function would be made to allocate a unscape destination buffer larger than 2GB, it would return that new length in a signed 32 bit integer variable, thus the length would get either just truncated or both truncated and turned negative. That could then lead to libcurl writing outside of its heap based buffer. | ||||
| CVE-2016-8621 | 2 Haxx, Redhat | 3 Curl, Jboss Core Services, Rhel Software Collections | 2024-11-21 | N/A |
| The `curl_getdate` function in curl before version 7.51.0 is vulnerable to an out of bounds read if it receives an input with one digit short. | ||||
| CVE-2016-8620 | 2 Haxx, Redhat | 2 Curl, Rhel Software Collections | 2024-11-21 | N/A |
| The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input. | ||||
| CVE-2016-8512 | 1 Hp | 2 Loadrunner, Performance Center | 2024-11-21 | N/A |
| A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found. | ||||
| CVE-2016-8384 | 1 Marklogic | 1 Marklogic | 2024-11-21 | 8.8 High |
| An exploitable heap corruption vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter. | ||||