Max CVSS 7.5 Min CVSS 2.1 Total Count53
IDCVSSSummaryLast (major) updatePublished
CVE-2016-9586 6.8
curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary
23-04-2018 - 14:29 23-04-2018 - 14:29
CVE-2017-5208 6.8
Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of executi
22-08-2017 - 14:29 22-08-2017 - 14:29
CVE-2016-8743 5.0
Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in
27-07-2017 - 17:29 27-07-2017 - 17:29
CVE-2016-2161 5.0
In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.
27-07-2017 - 17:29 27-07-2017 - 17:29
CVE-2016-0736 5.0
In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated en
27-07-2017 - 17:29 27-07-2017 - 17:29
CVE-2017-2784 6.8
An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. A specially crafted x509 certificate, when parsed by mbed TLS library, can cause
26-04-2017 - 15:44 20-04-2017 - 14:59
CVE-2016-7467 3.5
The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2, when configured as a SAML Identity Provider with a Service Provider (SP) connector, might allow traffic to be disrupted or failover initiated when a malfor
17-04-2017 - 11:38 11-04-2017 - 10:59
CVE-2017-6832 4.3
Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
13-04-2017 - 21:59 20-03-2017 - 12:59
CVE-2017-6831 4.3
Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
13-04-2017 - 21:59 20-03-2017 - 12:59
CVE-2017-6837 4.3
WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via vectors related to a large number of coefficients.
04-04-2017 - 21:59 20-03-2017 - 12:59
CVE-2017-6829 4.3
The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
30-03-2017 - 21:59 20-03-2017 - 12:59
CVE-2017-6828 6.8
Heap-based buffer overflow in the readValue function in FileHandle.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted WAV file.
30-03-2017 - 21:59 15-03-2017 - 10:59
CVE-2016-7468 4.3
An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. This vulnerability affects virtual servers associated with TCP profiles when the BIG-IP system's tm.tcpp
29-03-2017 - 09:46 23-03-2017 - 10:59
CVE-2017-7177 5.0
Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching.
24-03-2017 - 21:59 18-03-2017 - 16:59
CVE-2016-10214 4.9
Memory leak in the virgl_resource_attach_backing function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.
23-03-2017 - 06:48 20-03-2017 - 12:59
CVE-2017-5956 2.1
The vrend_draw_vbo function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors involving vertext_buffer_index.
22-03-2017 - 15:51 20-03-2017 - 12:59
CVE-2017-6838 4.3
Integer overflow in sfcommands/sfconvert.c in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
22-03-2017 - 13:09 20-03-2017 - 12:59
CVE-2017-6836 4.3
Heap-based buffer overflow in the Expand3To4Module::run function in libaudiofile/modules/SimpleModule.h in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
22-03-2017 - 13:08 20-03-2017 - 12:59
CVE-2017-6835 4.3
The reset1 function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file.
22-03-2017 - 13:02 20-03-2017 - 12:59
CVE-2017-6834 4.3
Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
22-03-2017 - 13:02 20-03-2017 - 12:59
CVE-2017-6833 4.3
The runPull function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file.
22-03-2017 - 13:01 20-03-2017 - 12:59
CVE-2017-6830 4.3
Heap-based buffer overflow in the alaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
22-03-2017 - 13:01 20-03-2017 - 12:59
CVE-2017-6839 4.3
Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
22-03-2017 - 10:40 20-03-2017 - 12:59
CVE-2017-6827 6.8
Heap-based buffer overflow in the MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted audio file.
17-03-2017 - 09:55 15-03-2017 - 10:59
CVE-2017-5937 2.1
The util_format_is_pure_uint function in vrend_renderer.c in Virgil 3d project (aka virglrenderer) 0.6.0 and earlier allows local guest OS users to cause a denial of service (NULL pointer dereference) via a crafted VIRGL_CCMD_CLEAR command.
17-03-2017 - 09:21 15-03-2017 - 15:59
CVE-2016-10163 4.9
Memory leak in the vrend_renderer_context_create_internal function in vrend_decode.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) by repeatedly creating a decode context.
17-03-2017 - 08:29 15-03-2017 - 11:59
CVE-2017-6508 4.3
CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL.
16-03-2017 - 21:59 07-03-2017 - 03:59
CVE-2017-5580 2.1
The parse_instruction function in gallium/auxiliary/tgsi/tgsi_text.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and process crash) via a crafted texture instruction.
16-03-2017 - 13:55 15-03-2017 - 11:59
CVE-2017-6317 4.9
Memory leak in the add_shader_program function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) via vectors involving the sprog variable.
16-03-2017 - 12:01 15-03-2017 - 10:59
CVE-2017-5993 4.9
Memory leak in the vrend_renderer_init_blit_ctx function in vrend_blitter.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRGL_CCMD_BLIT commands.
16-03-2017 - 12:01 15-03-2017 - 10:59
CVE-2017-6210 2.1
The vrend_decode_reset function in vrend_decode.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (NULL pointer dereference and QEMU process crash) by destroying context 0 (zero).
16-03-2017 - 12:01 15-03-2017 - 10:59
CVE-2017-6209 2.1
Stack-based buffer overflow in the parse_identifier function in tgsi_text.c in the TGSI auxiliary module in the Gallium driver in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU
16-03-2017 - 12:00 15-03-2017 - 10:59
CVE-2017-6386 4.9
Memory leak in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRGL_OBJECT_VERTEX_ELEMENTS commands.
16-03-2017 - 11:50 15-03-2017 - 10:59
CVE-2017-5994 2.1
Heap-based buffer overflow in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and crash) via the num_elements param
16-03-2017 - 11:37 15-03-2017 - 10:59
CVE-2017-5957 2.1
Stack-based buffer overflow in the vrend_decode_set_framebuffer_state function in vrend_decode.c in virglrenderer before 926b9b3460a48f6454d8bbe9e44313d86a65447f, as used in Quick Emulator (QEMU), allows a local guest users to cause a denial of servi
14-03-2017 - 15:29 14-03-2017 - 10:59
CVE-2017-6056 5.0
It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backportin
14-03-2017 - 14:59 17-02-2017 - 02:59
CVE-2017-6011 4.3
An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.
13-03-2017 - 21:59 16-02-2017 - 06:59
CVE-2017-6010 4.3
An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "extract_icons" function in the "extract.c" source file. This issue can be triggered by processing a corrupted ico file and will result in an icotool crash.
13-03-2017 - 21:59 16-02-2017 - 06:59
CVE-2017-6009 4.3
An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "decode_ne_resource_id" function in the "restable.c" source file. This is happening because the "len" parameter for memcpy is not checked for size and thus becomes a ne
13-03-2017 - 21:59 16-02-2017 - 06:59
CVE-2017-6355 2.1
Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length and offlen values, which trigger an out-of-bounds a
13-03-2017 - 11:24 09-03-2017 - 21:59
CVE-2016-7567 7.5
Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compare.c in OpenSLP 2.0 allows remote attackers to have unspecified impact via a crafted string.
25-01-2017 - 21:59 23-01-2017 - 16:59
CVE-2016-9675 6.8
openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code.
23-12-2016 - 09:44 22-12-2016 - 16:59
CVE-2016-5023 5.0
Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service (Traffic Manage
06-12-2016 - 14:58 26-08-2016 - 10:59
CVE-2016-5159 6.8
Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have uns
28-11-2016 - 15:23 11-09-2016 - 06:59
CVE-2016-5158 6.8
Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-
28-11-2016 - 15:23 11-09-2016 - 06:59
CVE-2016-5139 6.8
Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified
28-11-2016 - 15:22 07-08-2016 - 15:59
CVE-2016-3822 7.5
exif.c in Matthias Wandel jhead 2.87, as used in libjhead in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds ac
28-11-2016 - 15:12 05-08-2016 - 16:59
CVE-2016-7163 6.8
Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.
21-09-2016 - 16:02 21-09-2016 - 10:25
CVE-2016-6346 5.0
RESTEasy enables GZIPInterceptor, which allows remote attackers to cause a denial of service via unspecified vectors.
08-09-2016 - 09:43 07-09-2016 - 14:59
CVE-2013-6054 7.5
Heap-based buffer overflow in OpenJPEG 1.3 has unspecified impact and remote vectors, a different vulnerability than CVE-2013-6045.
27-07-2015 - 12:11 12-12-2013 - 13:55
CVE-2013-6045 7.5
Multiple heap-based buffer overflows in OpenJPEG 1.3 and earlier might allow remote attackers to execute arbitrary code via unspecified vectors.
27-07-2015 - 12:10 12-12-2013 - 13:55
CVE-2013-6052 5.0
OpenJPEG 1.3 and earlier allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds read.
05-05-2014 - 01:29 12-12-2013 - 13:55
CVE-2013-1447 5.0
OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of service (memory consumption or crash) via unspecified vectors related to NULL pointer dereferences, division-by-zero, and other errors.
05-05-2014 - 01:20 12-12-2013 - 13:55
Back to Top Mark selected
Back to Top