Vulnerabilities (CVE)

Filtered by CWE-119
Total 13611 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-9028 1 Flac 1 Libflac 2026-06-17 7.5 HIGH N/A
Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.
CVE-2014-8985 1 Microsoft 1 Internet Explorer 2026-06-17 7.6 HIGH 7.5 HIGH
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2822, CVE-2014-2823, CVE-2014-4057, and CVE-2014-4145.
CVE-2014-8964 6 Fedoraproject, Mariadb, Opensuse and 3 more 11 Fedora, Mariadb, Opensuse and 8 more 2026-06-17 5.0 MEDIUM N/A
Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.
CVE-2014-8962 1 Flac 1 Libflac 2026-06-17 7.5 HIGH N/A
Stack-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.
CVE-2014-8956 1 K7computing 1 K7av Sentry Device Driver 2026-06-17 7.2 HIGH N/A
Stack-based buffer overflow in the K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via unspecified vectors.
CVE-2014-8920 1 Ibm 1 I Access 2026-06-17 7.2 HIGH N/A
Buffer overflow in the Data Transfer Program in IBM i Access 5770-XE1 5R4, 6.1, and 7.1 on Windows allows local users to gain privileges via unspecified vectors.
CVE-2014-8884 1 Linux 1 Linux Kernel 2026-06-17 6.1 MEDIUM N/A
Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call.
CVE-2014-8830 1 Apple 1 Mac Os X 2026-06-17 6.8 MEDIUM N/A
Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted accessor element in a Collada file.
CVE-2014-8829 1 Apple 1 Mac Os X 2026-06-17 7.5 HIGH N/A
SceneKit in Apple OS X before 10.10.2 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app.
CVE-2014-8769 1 Redhat 1 Tcpdump 2026-06-17 6.4 MEDIUM N/A
tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access.
CVE-2014-8738 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2026-06-17 5.0 MEDIUM N/A
The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (invalid write, segmentation fault, and crash) via a crafted extended name table in an archive.
CVE-2014-8713 1 Wireshark 1 Wireshark 2026-06-17 5.0 MEDIUM N/A
Stack-based buffer overflow in the build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2014-8710 1 Wireshark 1 Wireshark 2026-06-17 5.0 MEDIUM N/A
The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the SigComp UDVM dissector in Wireshark 1.10.x before 1.10.11 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.
CVE-2014-8626 1 Php 1 Php 2026-06-17 7.5 HIGH N/A
Stack-based buffer overflow in the date_from_ISO8601 function in ext/xmlrpc/libxmlrpc/xmlrpc.c in PHP before 5.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by including a timezone field in a date, leading to improper XML-RPC encoding.
CVE-2014-8611 2 Apple, Freebsd 3 Iphone Os, Mac Os X, Freebsd 2026-06-17 6.9 MEDIUM N/A
The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application.
CVE-2014-8548 2 Canonical, Ffmpeg 2 Ubuntu Linux, Ffmpeg 2026-06-17 7.5 HIGH N/A
Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Quicktime Graphics (aka SMC) video data.
CVE-2014-8547 2 Canonical, Ffmpeg 2 Ubuntu Linux, Ffmpeg 2026-06-17 7.5 HIGH N/A
libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image heights, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted GIF data.
CVE-2014-8542 3 Canonical, Debian, Ffmpeg 3 Ubuntu Linux, Debian Linux, Ffmpeg 2026-06-17 7.5 HIGH N/A
libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted JV data.
CVE-2014-8541 2 Canonical, Ffmpeg 2 Ubuntu Linux, Ffmpeg 2026-06-17 7.5 HIGH N/A
libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension differences, and not bits-per-pixel differences, when determining whether an image size has changed, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted MJPEG data.
CVE-2014-8514 1 Schneider Electric 1 Proclima 2026-06-17 7.5 HIGH N/A
Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-9188. NOTE: this may be clarified later based on details provided by researchers.