ReportizFlow
Filtered by vendor
Subscriptions
Total
9203 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-9816 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 5.5 Medium |
| ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file. | ||||
| CVE-2017-9128 | 1 Libquicktime | 1 Libquicktime | 2025-04-20 | N/A |
| The quicktime_video_width function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted mp4 file. | ||||
| CVE-2016-5434 | 1 Pacman Project | 1 Pacman | 2025-04-20 | N/A |
| libalpm, as used in pacman 5.0.1, allows remote attackers to cause a denial of service (infinite loop or out-of-bounds read) via a crafted signature file. | ||||
| CVE-2017-9471 | 2 Canonical, Ytnef Project | 2 Ubuntu Linux, Ytnef | 2025-04-20 | N/A |
| In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | ||||
| CVE-2017-16414 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2025-04-20 | N/A |
| An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is a part of the JavaScript API module responsible for form field computation. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure. | ||||
| CVE-2017-16845 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2025-04-20 | 10.0 Critical |
| hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access. | ||||
| CVE-2014-8562 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read). | ||||
| CVE-2017-9727 | 2 Artifex, Debian | 2 Ghostscript Ghostxps, Debian Linux | 2025-04-20 | N/A |
| The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | ||||
| CVE-2017-11577 | 1 Fontforge | 1 Fontforge | 2025-04-20 | N/A |
| FontForge 20161012 is vulnerable to a buffer over-read in getsid (parsettf.c) resulting in DoS or code execution via a crafted otf file. | ||||
| CVE-2017-11722 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
| The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This resulted in a logging statement executing outside of a loop, and consequently using an invalid array index corresponding to the loop's exit condition. | ||||
| CVE-2017-15368 | 1 Radare | 1 Radare2 | 2025-04-20 | N/A |
| The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted WASM file that triggers an incorrect r_hex_bin2str call. | ||||
| CVE-2017-17783 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2025-04-20 | N/A |
| In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage in coders/palm.c when QuantumDepth is 8. | ||||
| CVE-2017-17504 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2025-04-20 | 6.5 Medium |
| ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage. | ||||
| CVE-2017-17503 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2025-04-20 | N/A |
| ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file. | ||||
| CVE-2016-9809 | 2 Gstreamer, Redhat | 2 Gstreamer, Enterprise Linux | 2025-04-20 | N/A |
| Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read. | ||||
| CVE-2017-15021 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to bfd_getl32. | ||||
| CVE-2017-16643 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device. | ||||
| CVE-2017-7299 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an invalid read (of size 8) because the code to emit relocs (bfd_elf_final_link function in bfd/elflink.c) does not check the format of the input file before trying to read the ELF reloc section header. The vulnerability leads to a GNU linker (ld) program crash. | ||||
| CVE-2017-9986 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| The intr function in sound/oss/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fetch" vulnerability. | ||||
| CVE-2017-14931 | 1 Openexif Project | 1 Openexif | 2025-04-20 | N/A |
| ExifImageFile::readDQT in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted JPEG file. | ||||