Vulnerabilities (CVE)

Filtered by CWE-119
Total 13646 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-8863 2 Jq Project, Opensuse 3 Jq, Leap, Opensuse 2026-06-17 10.0 HIGH 9.8 CRITICAL
Off-by-one error in the tokenadd function in jv_parse.c in jq allows remote attackers to cause a denial of service (crash) via a long JSON-encoded number, which triggers a heap-based buffer overflow.
CVE-2015-8843 1 Foxitsoftware 1 Foxit Reader 2026-06-17 6.9 MEDIUM 7.4 HIGH
The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Reader 6.1 through 6.2.x and 7.x before 7.2.2, when an update to the Cloud plugin is available, allows local users to gain privileges by writing crafted data to a shared memory region, which triggers memory corruption.
CVE-2015-8837 3 Debian, Fedoraproject, Fuseiso Project 3 Debian Linux, Fedora, Fuseiso 2026-06-17 6.8 MEDIUM 7.3 HIGH
Stack-based buffer overflow in the isofs_real_readdir function in isofs.c in FuseISO 20070708 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long pathname in an ISO file.
CVE-2015-8836 2 Fedoraproject, Fuseiso Project 2 Fedora, Fuseiso 2026-06-17 6.8 MEDIUM 7.3 HIGH
Integer overflow in the isofs_real_read_zf function in isofs.c in FuseISO 20070708 might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ZF block size in an ISO file, leading to a heap-based buffer overflow.
CVE-2015-8808 3 Fedoraproject, Graphicsmagick, Suse 5 Fedora, Graphicsmagick, Linux Enterprise Debuginfo and 2 more 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.
CVE-2015-8792 2 Matroska, Opensuse 3 Libmatroska, Leap, Opensuse 2026-06-17 5.0 MEDIUM 5.3 MEDIUM
The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access.
CVE-2015-8779 6 Canonical, Debian, Fedoraproject and 3 more 10 Ubuntu Linux, Debian Linux, Fedora and 7 more 2026-06-17 7.5 HIGH 9.8 CRITICAL
Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.
CVE-2015-8778 6 Canonical, Debian, Fedoraproject and 3 more 10 Ubuntu Linux, Debian Linux, Fedora and 7 more 2026-06-17 7.5 HIGH 9.8 CRITICAL
Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.
CVE-2015-8773 1 Mcafee 1 File Lock 2026-06-17 7.8 HIGH 7.5 HIGH
Stack-based buffer overflow in McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protection allows attackers to cause a denial of service (system crash) via a long vault GUID in an ioctl call.
CVE-2015-8764 1 Freeradius 1 Freeradius 2026-06-17 6.8 MEDIUM 8.1 HIGH
Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8, which triggers a buffer overflow.
CVE-2015-8726 1 Wireshark 1 Wireshark 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
CVE-2015-8725 1 Wireshark 1 Wireshark 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
CVE-2015-8723 1 Wireshark 1 Wireshark 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
CVE-2015-8713 1 Wireshark 1 Wireshark 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
CVE-2015-8710 2 Debian, Xmlsoft 2 Debian Linux, Libxml2 2026-06-17 7.5 HIGH 9.8 CRITICAL
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.
CVE-2015-8708 1 Claws-mail 1 Claws-mail 2026-06-17 7.5 HIGH 7.3 HIGH
Stack-based buffer overflow in the conv_euctojis function in codeconv.c in Claws Mail 3.13.1 allows remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8614.
CVE-2015-8683 2 Debian, Libtiff 2 Debian Linux, Libtiff 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a packed TIFF image.
CVE-2015-8676 1 Huawei 22 S2300, S2300 Firmware, S2350ei and 19 more 2026-06-17 7.8 HIGH 7.5 HIGH
Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and S5300LI Campus series switches with software V200R001C00 before V200R001SPH018, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; S9300, S7700, and S9700 Campus series switches with software V200R001C00 before V200R001SPH023, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; and S2300 and S3300 Campus series switches with software V100R006C05 before V100R006SPH022 allows remote attackers to cause a denial of service (memory consumption and reboot) via a large number of ICMPv6 packets.
CVE-2015-8665 1 Libtiff 1 Libtiff 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via the SamplesPerPixel tag in a TIFF image.
CVE-2015-8663 1 Ffmpeg 1 Ffmpeg 2026-06-17 7.5 HIGH 8.3 HIGH
The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .mov file.