Total
6097 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-6236 | 1 Lepton Project | 1 Lepton | 2017-02-07 | N/A |
The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg file. | ||||
CVE-2016-6238 | 1 Lepton Project | 1 Lepton | 2017-02-07 | N/A |
The write_ujpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service (out-of-bounds read) via a crafted jpeg file. | ||||
CVE-2016-5115 | 1 Libavformat Project | 1 Libavformat | 2017-02-07 | N/A |
The avcodec_decode_audio4 function in libavcodec in libavformat 57.34.103, as used in MPlayer, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file. | ||||
CVE-2016-9109 | 1 Artifex | 1 Mujs | 2017-01-20 | N/A |
Artifex Software MuJS allows attackers to cause a denial of service (crash) via vectors related to incomplete escape sequences. NOTE: this vulnerability exists due to an incomplete fix for CVE-2016-7563. | ||||
CVE-2016-7563 | 1 Artifex | 1 Mujs | 2017-01-20 | N/A |
The chartorune function in Artifex Software MuJS allows attackers to cause a denial of service (out-of-bounds read) via a * (asterisk) at the end of the input. | ||||
CVE-2016-6891 | 1 Matrixssl | 1 Matrixssl | 2017-01-06 | N/A |
MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Field primitive in an X.509 certificate. | ||||
CVE-2016-9539 | 1 Libtiff | 1 Libtiff | 2016-12-10 | N/A |
tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported as MSVR 35092. | ||||
CVE-2016-9803 | 1 Bluez | 1 Bluez | 2016-12-07 | N/A |
In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" function in "tools/parser/hci.c" source file. This issue exists because 'subevent' (which is used to read correct element from 'ev_le_meta_str' array) is overflowed. | ||||
CVE-2016-7506 | 1 Artifex | 1 Mujs | 2016-12-02 | N/A |
An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc. MuJS before 5000749f5afe3b956fc916e407309de840997f4a. A successful exploitation of this issue can lead to code execution or denial of service condition. | ||||
CVE-2016-7917 | 1 Linux | 1 Linux Kernel | 2016-12-02 | N/A |
The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability. | ||||
CVE-2016-8878 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2016-11-29 | N/A |
Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return value starting at FOXITREADER." | ||||
CVE-2016-8876 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2016-11-29 | N/A |
Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader." | ||||
CVE-2016-8875 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2016-11-29 | N/A |
The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image, aka "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ConvertToPDF_x86!CreateFXPDFConvertor." | ||||
CVE-2016-9017 | 1 Artifex | 1 Mujs | 2016-11-29 | N/A |
Artifex Software, Inc. MuJS before a5c747f1d40e8d6659a37a8d25f13fb5acf8e767 allows context-dependent attackers to obtain sensitive information by using the "opname in crafted JavaScript file" approach, related to an "Out-of-Bounds read" issue affecting the jsC_dumpfunction function in the jsdump.c component. | ||||
CVE-2016-5352 | 1 Wireshark | 1 Wireshark | 2016-11-28 | N/A |
epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.4 mishandles certain length values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||||
CVE-2016-3855 | 1 Google | 1 Android | 2016-11-28 | N/A |
drivers/thermal/supply_lm_core.c in the Qualcomm components in Android before 2016-08-05 does not validate a certain count parameter, which allows attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted application, aka Qualcomm internal bug CR990824. | ||||
CVE-2016-3854 | 1 Google | 1 Android | 2016-11-28 | N/A |
drivers/media/video/msm/msm_mctl_buf.c in the Qualcomm components in Android before 2016-08-05 does not validate the image mode, which allows attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted application, aka Qualcomm internal bug CR897326. |