Export limit exceeded: 19928 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19928 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-9625 | 1 Videolan | 1 Vlc Media Player | 2024-11-21 | 7.8 High |
| The GetUpdateFile function in misc/update.c in the Updater in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted update status file, aka an "integer truncation" vulnerability. | ||||
| CVE-2014-9189 | 1 Honeywell | 1 Experion Process Knowledge System | 2024-11-21 | N/A |
| Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version. | ||||
| CVE-2014-9187 | 1 Honeywell | 1 Experion Process Knowledge System | 2024-11-21 | N/A |
| Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules, which could lead to possible remote code execution or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version. | ||||
| CVE-2014-8271 | 1 Tianocore | 1 Edk2 | 2024-11-21 | 6.8 Medium |
| Buffer overflow in the Reclaim function in Tianocore EDK2 before SVN 16280 allows physically proximate attackers to gain privileges via a long variable name. | ||||
| CVE-2014-8184 | 2 Liblouis, Redhat | 2 Liblouis, Enterprise Linux | 2024-11-21 | 7.8 High |
| A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow was found in findTable() in liblouis. An attacker could create a malicious file that would cause applications that use liblouis (such as Orca) to crash, or potentially execute arbitrary code when opened. | ||||
| CVE-2014-8141 | 2 Redhat, Unzip Project | 7 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server and 4 more | 2024-11-21 | 7.8 High |
| Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. | ||||
| CVE-2014-8140 | 2 Redhat, Unzip Project | 8 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server and 5 more | 2024-11-21 | 7.8 High |
| Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. | ||||
| CVE-2014-8139 | 2 Redhat, Unzip Project | 8 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server and 5 more | 2024-11-21 | 7.8 High |
| Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. | ||||
| CVE-2014-8129 | 4 Apple, Debian, Libtiff and 1 more | 9 Iphone Os, Mac Os X, Debian Linux and 6 more | 2024-11-21 | N/A |
| LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c. | ||||
| CVE-2014-6310 | 2 Call-cc, Debian | 2 Chicken, Debian Linux | 2024-11-21 | 9.8 Critical |
| Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attackers to execute arbitrary code via the 'select' function. | ||||
| CVE-2014-5435 | 1 Honeywell | 1 Experion Process Knowledge System | 2024-11-21 | N/A |
| An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, that could lead to possible remote code execution or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version. | ||||
| CVE-2014-3180 | 2 Google, Linux | 2 Chrome Os, Linux Kernel | 2024-11-21 | 9.1 Critical |
| In kernel/compat.c in the Linux kernel before 3.17, as used in Google Chrome OS and other products, there is a possible out-of-bounds read. restart_syscall uses uninitialized data when restarting compat_sys_nanosleep. NOTE: this is disputed because the code path is unreachable | ||||
| CVE-2014-2898 | 1 Wolfssl | 1 Wolfssl | 2024-11-21 | 9.8 Critical |
| wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact via multiple calls to the CyaSSL_read function which triggers an out-of-bounds read when an error occurs, related to not checking the return code and MAC verification failure. | ||||
| CVE-2014-2897 | 1 Wolfssl | 1 Wolfssl | 2024-11-21 | 9.8 Critical |
| The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before 2.9.4 does not check the padding length when verification fails, which allows remote attackers to have unspecified impact via a crafted HMAC, which triggers an out-of-bounds read. | ||||
| CVE-2014-2896 | 1 Wolfssl | 1 Wolfssl | 2024-11-21 | 9.8 Critical |
| The DoAlert function in the (1) TLS and (2) DTLS implementations in wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact and vectors, which trigger memory corruption or an out-of-bounds read. | ||||
| CVE-2014-2032 | 2 Deadwood Project, Maradns Project | 2 Deadwood, Maradns | 2024-11-21 | N/A |
| Deadwood before 2.3.09, 3.x before 3.2.05, and as used in MaraDNS before 1.4.14 and 2.x before 2.0.09, allow remote attackers to cause a denial of service (out-of-bounds read and crash) by leveraging permission to perform recursive queries against Deadwood, related to missing input validation. | ||||
| CVE-2014-2031 | 2 Deadwood Project, Maradns Project | 2 Deadwood, Maradns | 2024-11-21 | N/A |
| Deadwood before 2.3.09, 3.x before 3.2.05, and as used in MaraDNS before 1.4.14 and 2.x before 2.0.09, allow remote attackers to cause a denial of service (out-of-bounds read and crash) by leveraging permission to perform recursive queries against Deadwood, related to a logic error. | ||||
| CVE-2014-1958 | 3 Canonical, Imagemagick, Opensuse | 3 Ubuntu Linux, Imagemagick, Opensuse | 2024-11-21 | 8.8 High |
| Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030. | ||||
| CVE-2014-1617 | 1 Promotic | 1 Promotic | 2024-11-21 | 6.5 Medium |
| Microsys PROMOTIC 8.2.13 contains an ActiveX Control Start Buffer Overflow vulnerability which can lead to denial of service. | ||||
| CVE-2014-10072 | 2 Redhat, Zsh Project | 2 Enterprise Linux, Zsh | 2024-11-21 | N/A |
| In utils.c in zsh before 5.0.6, there is a buffer overflow when scanning very long directory paths for symbolic links. | ||||