Search Results (3015 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-1986 2 Redhat, X 2 Enterprise Linux, Libxrandr 2025-04-11 N/A
Multiple integer overflows in X.org libXrandr 1.4.0 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRRQueryOutputProperty and (2) XRRQueryProviderProperty functions.
CVE-2012-4540 2 Opensuse, Redhat 3 Opensuse, Enterprise Linux, Icedtea-web 2025-04-11 N/A
Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x before 1.1.7, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.x before 1.4.1 allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly execute arbitrary code via a crafted webpage that triggers a heap-based buffer overflow, related to an error message and a "triggering event attached to applet." NOTE: the 1.4.x versions were originally associated with CVE-2013-4349, but that entry has been MERGED with this one.
CVE-2012-4564 5 Canonical, Debian, Libtiff and 2 more 9 Ubuntu Linux, Debian Linux, Libtiff and 6 more 2025-04-11 N/A
ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow.
CVE-2013-1960 2 Redhat, Remotesensing 2 Enterprise Linux, Libtiff 2025-04-11 N/A
Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file.
CVE-2013-1978 3 Gimp, Gnome, Redhat 3 Gimp, Glib, Enterprise Linux 2025-04-11 N/A
Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an X Window System (XWD) image dump with more colors than color map entries.
CVE-2013-1981 3 Canonical, Redhat, X 3 Ubuntu Linux, Enterprise Linux, Libx11 2025-04-11 N/A
Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions.
CVE-2013-1982 2 Redhat, X 2 Enterprise Linux, Libxext 2025-04-11 N/A
Multiple integer overflows in X.org libXext 1.3.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XcupGetReservedColormapEntries, (2) XcupStoreColors, (3) XdbeGetVisualInfo, (4) XeviGetVisualInfo, (5) XShapeGetRectangles, and (6) XSyncListSystemCounters functions.
CVE-2013-1983 2 Redhat, X 2 Enterprise Linux, Libxfixes 2025-04-11 N/A
Integer overflow in X.org libXfixes 5.0 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XFixesGetCursorImage function.
CVE-2013-1985 2 Redhat, X 2 Enterprise Linux, Libxinerama 2025-04-11 N/A
Integer overflow in X.org libXinerama 1.1.2 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XineramaQueryScreens function.
CVE-2023-36824 2 Fedoraproject, Redis 2 Fedora, Redis 2025-04-10 7.4 High
Redis is an in-memory database that persists on disk. In Redit 7.0 prior to 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Several scenarios that may lead to authenticated users executing a specially crafted `COMMAND GETKEYS` or `COMMAND GETKEYSANDFLAGS`and authenticated users who were set with ACL rules that match key names, executing a specially crafted command that refers to a variadic list of key names. The vulnerability is patched in Redis 7.0.12.
CVE-2022-40661 1 Nikon 1 Nis-elements Viewer 2025-04-10 7.8 High
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15134.
CVE-2023-45591 1 Ailux 1 Imx6 2025-04-10 7.5 High
A CWE-122 “Heap-based Buffer Overflow” vulnerability in the “logger_generic” function of the “Ax_rtu” binary allows a remote authenticated attacker to trigger a memory corruption in the context of the binary. This may result in a Denial-of-Service (DoS) condition, possibly in the execution of arbitrary code with the same privileges of the process (root), or have other unspecified impacts on the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
CVE-2022-4801 1 Usememos 1 Memos 2025-04-10 5.3 Medium
Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4813 1 Usememos 1 Memos 2025-04-10 4.3 Medium
Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-44428 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-10 5.5 Medium
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-44427 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-10 5.5 Medium
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-44430 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-10 5.5 Medium
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-44429 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-10 5.5 Medium
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
CVE-2021-3966 1 Zephyrproject 1 Zephyr 2025-04-09 9.6 Critical
usb device bluetooth class includes a buffer overflow related to implementation of net_buf_add_mem.
CVE-2023-0049 2 Fedoraproject, Vim 2 Fedora, Vim 2025-04-09 7.8 High
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.