Total
8568 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-8927 | 1 Libarchive | 1 Libarchive | 2025-04-12 | N/A |
| The trad_enc_decrypt_update function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted zip file, related to reading the password. | ||||
| CVE-2016-2064 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 7.8 High |
| sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted application that makes an ioctl call specifying many commands. | ||||
| CVE-2015-8926 | 4 Canonical, Libarchive, Redhat and 1 more | 6 Ubuntu Linux, Libarchive, Enterprise Linux and 3 more | 2025-04-12 | N/A |
| The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive. | ||||
| CVE-2015-8783 | 3 Debian, Libtiff, Redhat | 3 Debian Linux, Libtiff, Enterprise Linux | 2025-04-12 | 6.5 Medium |
| tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image. | ||||
| CVE-2016-1924 | 1 Uclouvain | 1 Openjpeg | 2025-04-12 | N/A |
| The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image. | ||||
| CVE-2015-8743 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | 7.1 High |
| QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged (CAP_SYS_RAWIO) user/process could use this flaw to leak or corrupt QEMU memory bytes. | ||||
| CVE-2016-1983 | 1 Privoxy | 1 Privoxy | 2025-04-12 | N/A |
| The client_host function in parsers.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via an empty HTTP Host header. | ||||
| CVE-2015-4695 | 2 Redhat, Wvware | 2 Enterprise Linux, Libwmf | 2025-04-12 | N/A |
| meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file. | ||||
| CVE-2014-1522 | 4 Canonical, Fedoraproject, Mozilla and 1 more | 5 Ubuntu Linux, Fedora, Firefox and 2 more | 2025-04-12 | N/A |
| The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via crafted content. | ||||
| CVE-2015-8733 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file. | ||||
| CVE-2015-8076 | 2 Cyrus, Opensuse | 3 Imap, Leap, Opensuse | 2025-04-12 | N/A |
| The index_urlfetch function in index.c in Cyrus IMAP 2.3.x before 2.3.19, 2.4.x before 2.4.18, 2.5.x before 2.5.4 allows remote attackers to obtain sensitive information or possibly have unspecified other impact via vectors related to the urlfetch range, which triggers an out-of-bounds heap read. | ||||
| CVE-2015-8731 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet. | ||||
| CVE-2016-1714 | 3 Oracle, Qemu, Redhat | 4 Linux, Qemu, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service (out-of-bounds read or write access and process crash) or possibly execute arbitrary code via an invalid current entry value in a firmware configuration. | ||||
| CVE-2015-7557 | 1 Gnome | 1 Librsvg | 2025-04-12 | N/A |
| The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document. | ||||
| CVE-2015-8729 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file. | ||||
| CVE-2022-34673 | 1 Nvidia | 6 Geforce, Gpu Display Driver, Nvs and 3 more | 2025-04-11 | 4.4 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering. | ||||
| CVE-2022-34676 | 5 Citrix, Linux, Nvidia and 2 more | 6 Hypervisor, Linux Kernel, Cloud Gaming and 3 more | 2025-04-11 | 7.1 High |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds read may lead to denial of service, information disclosure, or data tampering. | ||||
| CVE-2022-34677 | 6 Citrix, Debian, Linux and 3 more | 13 Hypervisor, Debian Linux, Linux Kernel and 10 more | 2025-04-11 | 5.5 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering. | ||||
| CVE-2025-30302 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2025-04-11 | 5.5 Medium |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-30303 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2025-04-11 | 5.5 Medium |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||