Total
1229 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10145 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy. | |||||
| CVE-2016-9825 | 1 Libav | 1 Libav | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| libswscale/utils.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | |||||
| CVE-2016-10158 | 1 Php | 1 Php | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The exif_convert_any_to_int function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (application crash) via crafted EXIF data that triggers an attempt to divide the minimum representable negative integer by -1. | |||||
| CVE-2016-7513 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors. | |||||
| CVE-2016-10094 | 1 Libtiff | 1 Libtiff | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Off-by-one error in the t2p_readwrite_pdf_image_tile function in tools/tiff2pdf.c in LibTIFF 4.0.7 allows remote attackers to have unspecified impact via a crafted image. | |||||
| CVE-2016-5241 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Leap and 1 more | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file. | |||||
| CVE-2016-6242 | 1 Openbsd | 1 Openbsd | 2025-04-20 | 4.9 MEDIUM | 5.5 MEDIUM |
| OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (assertion failure and kernel panic) via a large ident value in a kevent system call. | |||||
| CVE-2015-2158 | 1 Pngcrush Project | 1 Pngcrush | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file. | |||||
| CVE-2015-4626 | 1 Treasuryxpress | 1 C2box | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| B.A.S C2Box before 4.0.0 (r19171) relies on client-side validation, which allows remote attackers to "corrupt the business logic" via a negative value in an overdraft. | |||||
| CVE-2016-6240 | 1 Openbsd | 1 Openbsd | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| Integer truncation error in the amap_alloc function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value. | |||||
| CVE-2015-9002 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | |||||
| CVE-2016-9819 | 1 Libav | 1 Libav | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| libavcodec/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | |||||
| CVE-2016-9826 | 1 Libav | 1 Libav | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| libavcodec/ituh263dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | |||||
| CVE-2014-5119 | 2 Debian, Gnu | 2 Debian Linux, Glibc | 2025-04-12 | 7.5 HIGH | N/A |
| Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules. | |||||
| CVE-2015-4496 | 2 Mozilla, Oracle | 2 Firefox, Solaris | 2025-04-12 | 9.3 HIGH | N/A |
| Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file, a related issue to CVE-2015-1538. | |||||
| CVE-2015-4472 | 1 Libmspack Project | 1 Libmspack | 2025-04-12 | 6.8 MEDIUM | N/A |
| Off-by-one error in the READ_ENCINT macro in chmd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CHM file. | |||||
| CVE-2015-4067 | 1 Dell | 1 Netvault Backup | 2025-04-12 | 10.0 HIGH | N/A |
| Integer overflow in the libnv6 module in Dell NetVault Backup before 10.0.5 allows remote attackers to execute arbitrary code via crafted template string specifiers in a serialized object, which triggers a heap-based buffer overflow. | |||||
| CVE-2014-9795 | 1 Google | 1 Android | 2025-04-12 | 10.0 HIGH | 7.8 HIGH |
| app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices does not properly check for an integer overflow, which allows attackers to bypass intended access restrictions via crafted start and size values, aka Android internal bug 28820720 and Qualcomm internal bug CR681957, a related issue to CVE-2014-4325. | |||||
| CVE-2014-7901 | 1 Google | 1 Chrome | 2025-04-12 | 7.5 HIGH | N/A |
| Integer overflow in the opj_t2_read_packet_data function in fxcodec/fx_libopenjpeg/libopenjpeg20/t2.c in OpenJPEG in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long segment in a JPEG image. | |||||
| CVE-2015-5479 | 3 Libav, Opensuse, Ubuntu | 3 Libav, Leap, Ubuntu | 2025-04-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with crafted dimensions. | |||||