Vulnerabilities (CVE)

Filtered by CWE-119
Total 12305 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-9718 1 Google 1 Android 2025-04-20 4.4 MEDIUM 7.0 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in a multimedia driver can potentially lead to a buffer overwrite.
CVE-2017-2470 1 Apple 3 Iphone Os, Safari, Tvos 2025-04-20 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-10983 1 Freeradius 1 Freeradius 2025-04-20 5.0 MEDIUM 7.5 HIGH
An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "DHCP - Read overflow when decoding option 63" and a denial of service.
CVE-2017-9891 1 Irfanview 2 Fpx, Irfanview 2025-04-20 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000007053."
CVE-2016-8971 1 Ibm 1 Websphere Mq 2025-04-20 6.8 MEDIUM 6.5 MEDIUM
IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. IBM Reference #: 1998663.
CVE-2016-7932 1 Tcpdump 1 Tcpdump 2025-04-20 7.5 HIGH 9.8 CRITICAL
The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().
CVE-2017-9906 1 Xnview 1 Xnview 2025-04-20 6.8 MEDIUM 7.8 HIGH
XnView Classic for Windows Version 2.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at Xfpx!gffGetFormatInfo+0x0000000000028508."
CVE-2016-5318 1 Libtiff 1 Libtiff 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted tiff.
CVE-2017-8273 1 Google 1 Android 2025-04-20 6.8 MEDIUM 7.8 HIGH
In all Qualcomm products with Android release from CAF using the Linux kernel, while processing fastboot boot command when verified boot feature is disabled, with length greater than boot image buffer, a buffer overflow can occur.
CVE-2017-7910 1 Digital Canal Structural 1 Wind Analysis 2025-04-20 5.0 MEDIUM 7.5 HIGH
A Stack-Based Buffer Overflow issue was discovered in Digital Canal Structural Wind Analysis versions 9.1 and prior. An attacker may be able to run arbitrary code by remotely exploiting an executable to perform a denial-of-service attack.
CVE-2017-15253 1 Irfanview 2 Irfanview, Pdf 2025-04-20 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "User Mode Write AV starting at PDF!xmlGetGlobalState+0x000000000007dff2."
CVE-2017-15741 1 Irfanview 2 Cadimage, Irfanview 2025-04-20 6.8 MEDIUM 7.8 HIGH
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Possible Stack Corruption starting at CADIMAGE+0x00000000003d2378."
CVE-2017-6191 1 Apng Disassembler Project 1 Apng Disassembler 2025-04-20 6.8 MEDIUM 7.8 HIGH
Buffer overflow in APNGDis 2.8 and below allows a remote attacker to execute arbitrary code via a crafted filename.
CVE-2017-11878 1 Microsoft 3 Excel, Excel Viewer, Office Compatibility Pack 2025-04-20 9.3 HIGH 7.8 HIGH
Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, and Microsoft Excel Viewer 2007 Service Pack 3 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Excel Memory Corruption Vulnerability".
CVE-2017-12883 1 Perl 1 Perl 2025-04-20 6.4 MEDIUM 9.1 CRITICAL
Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid '\N{U+...}' escape.
CVE-2015-9071 1 Google 1 Android 2025-04-20 10.0 HIGH 9.8 CRITICAL
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in a TrustZone syscall.
CVE-2017-10744 2 Microsoft, Xnview 2 Windows, Xnview 2025-04-20 4.6 MEDIUM 7.8 HIGH
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Read Access Violation on Control Flow starting at COMCTL32!CToolTipsMgr::s_ToolTipsWndProc+0x0000000000000032."
CVE-2017-14575 1 Stdutility 1 Stdu Viewer 2025-04-20 4.6 MEDIUM 7.8 HIGH
STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x0000000002d8024c called from STDUXPSFile!DllUnregisterServer+0x000000000002566c."
CVE-2017-0224 1 Microsoft 1 Edge 2025-04-20 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.
CVE-2017-9048 1 Xmlsoft 1 Libxml2 2025-04-20 5.0 MEDIUM 7.5 HIGH
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.