Export limit exceeded: 334964 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (15219 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-3282 | 1 Microsoft | 10 Office, Office Compatibility Pack, Office Online Server and 7 more | 2025-04-12 | N/A |
| Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, SharePoint Server 2016, Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, and Office Online Server allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | ||||
| CVE-2016-4051 | 4 Canonical, Oracle, Redhat and 1 more | 4 Ubuntu Linux, Linux, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute arbitrary code by seeding manager reports with crafted data. | ||||
| CVE-2016-4658 | 3 Apple, Redhat, Xmlsoft | 6 Iphone Os, Mac Os X, Tvos and 3 more | 2025-04-12 | N/A |
| xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document. | ||||
| CVE-2016-3207 | 1 Microsoft | 3 Internet Explorer, Jscript, Vbscript | 2025-04-12 | N/A |
| The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3205 and CVE-2016-3206. | ||||
| CVE-2015-3036 | 1 Kcodes | 1 Netusb | 2025-04-12 | N/A |
| Stack-based buffer overflow in the run_init_sbus function in the KCodes NetUSB module for the Linux kernel, as used in certain NETGEAR products, TP-LINK products, and other products, allows remote attackers to execute arbitrary code by providing a long computer name in a session on TCP port 20005. | ||||
| CVE-2014-1635 | 1 Belkin | 2 N750 Wireless Router, N750 Wireless Router Firmware | 2025-04-12 | N/A |
| Buffer overflow in login.cgi in MiniHttpd in Belkin N750 Router with firmware before F9K1103_WW_1.10.17m allows remote attackers to execute arbitrary code via a long string in the jump parameter. | ||||
| CVE-2014-1646 | 1 Symantec | 2 Encryption Desktop, Pgp Desktop | 2025-04-12 | N/A |
| Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop Professional 10.3.x before 10.3.2 MP1 do not properly perform memory copies, which allows remote attackers to cause a denial of service (read access violation and application crash) via a malformed certificate. | ||||
| CVE-2013-4980 | 1 Avtech | 2 Avn801 Dvr, Avn801 Dvr Firmware | 2025-04-12 | N/A |
| Buffer overflow in the RTSP Packet Handler in AVTECH AVN801 DVR with firmware 1017-1003-1009-1003 and earlier, and possibly other devices, allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via a long string in the URI in an RTSP SETUP request. | ||||
| CVE-2016-4463 | 3 Apache, Debian, Redhat | 4 Xerces-c\+\+, Debian Linux, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD. | ||||
| CVE-2015-7555 | 2 Fedoraproject, Giflib Project | 2 Fedora, Giflib | 2025-04-12 | N/A |
| Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file. | ||||
| CVE-2014-9451 | 1 Vdgsecurity | 1 Vdg Sense | 2025-04-12 | N/A |
| Multiple stack-based buffer overflows in the DIVA web service API (/webservice) in VDG Security SENSE (formerly DIVA) 2.3.13 allow remote attackers to execute arbitrary code via the (1) user or (2) password parameter in an AuthenticateUser request. | ||||
| CVE-2014-1493 | 6 Canonical, Debian, Mozilla and 3 more | 18 Ubuntu Linux, Debian Linux, Firefox and 15 more | 2025-04-12 | 9.8 Critical |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||||
| CVE-2014-1710 | 1 Google | 1 Chrome Os | 2025-04-12 | N/A |
| The AsyncPixelTransfersCompletedQuery::End function in gpu/command_buffer/service/query_manager.cc in Google Chrome, as used in Google Chrome OS before 33.0.1750.152, does not check whether a certain position is within the bounds of a shared-memory segment, which allows remote attackers to cause a denial of service (GPU command-buffer memory corruption) or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2011-3623 | 1 Videolan | 1 Vlc Media Player | 2025-04-12 | N/A |
| Multiple stack-based buffer overflows in VideoLAN VLC media player before 1.0.2 allow remote attackers to execute arbitrary code via (1) a crafted ASF file, related to the ASF_ObjectDumpDebug function in modules/demux/asf/libasf.c; (2) a crafted AVI file, related to the AVI_ChunkDumpDebug_level function in modules/demux/avi/libavi.c; or (3) a crafted MP4 file, related to the __MP4_BoxDumpStructure function in modules/demux/mp4/libmp4.c. | ||||
| CVE-2015-7498 | 5 Canonical, Debian, Hp and 2 more | 11 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 8 more | 2025-04-12 | N/A |
| Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure. | ||||
| CVE-2015-7499 | 7 Apple, Canonical, Debian and 4 more | 17 Iphone Os, Mac Os X, Tvos and 14 more | 2025-04-12 | N/A |
| Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors. | ||||
| CVE-2015-8241 | 5 Canonical, Debian, Hp and 2 more | 11 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 8 more | 2025-04-12 | N/A |
| The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data. | ||||
| CVE-2015-4695 | 2 Redhat, Wvware | 2 Enterprise Linux, Libwmf | 2025-04-12 | N/A |
| meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file. | ||||
| CVE-2016-2345 | 1 Dameware | 1 Mini Remote Control | 2025-04-12 | N/A |
| Stack-based buffer overflow in dwrcs.exe in the dwmrcs daemon in SolarWinds DameWare Mini Remote Control 12.0 allows remote attackers to execute arbitrary code via a crafted string. | ||||
| CVE-2016-1969 | 3 Mozilla, Redhat, Sil | 3 Firefox, Enterprise Linux, Graphite2 | 2025-04-12 | N/A |
| The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.6.1, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted Graphite smart font. | ||||