Search Results (15641 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-0868 1 Rockwellautomation 9 1763-l16awa Series A, 1763-l16awa Series B, 1763-l16bbb Series A and 6 more 2025-04-12 N/A
Stack-based buffer overflow on Rockwell Automation Allen-Bradley MicroLogix 1100 devices A through 15.000 and B before 15.002 allows remote attackers to execute arbitrary code via a crafted web request.
CVE-2016-2505 1 Google 1 Android 2025-04-12 N/A
mpeg2ts/ATSParser.cpp in libstagefright in mediaserver in Android 6.x before 2016-07-01 does not validate a certain section length, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28333006.
CVE-2016-4608 4 Apple, Fedoraproject, Microsoft and 1 more 9 Icloud, Iphone Os, Itunes and 6 more 2025-04-12 9.8 Critical
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612.
CVE-2016-0058 1 Microsoft 3 Windows 10, Windows 8.1, Windows Server 2012 2025-04-12 N/A
Buffer overflow in the PDF Library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted PDF document that triggers API calls, aka "Microsoft PDF Library Buffer Overflow Vulnerability."
CVE-2011-3346 3 Qemu, Redhat, Xen 3 Qemu, Enterprise Linux, Xen 2025-04-12 N/A
Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ CAPACITY SCSI command. NOTE: this is only a vulnerability when root has manually modified certain permissions or ACLs.
CVE-2016-1886 1 Freebsd 1 Freebsd 2025-04-12 N/A
Integer signedness error in the genkbd_commonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory overwrite and kernel crash), or gain privileges via a negative value in the flen structure member in the arg argument in a SETFKEY ioctl call, which triggers a "two way heap and stack overflow."
CVE-2015-0880 1 Crear.ne.jp 1 Al-mail32 2025-04-12 N/A
Buffer overflow in CREAR AL-Mail32 before 1.13d allows remote attackers to execute arbitrary code via a long filename of an attachment.
CVE-2015-0907 1 Lhaplus 1 Lhaplus 2025-04-12 N/A
Buffer overflow in Lhaplus before 1.70 allows remote attackers to execute arbitrary code via a crafted archive.
CVE-2015-0979 1 Scadaengine 1 Bacnet Opc Server 2025-04-12 N/A
Heap-based buffer overflow in the SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to execute arbitrary code via a crafted packet.
CVE-2015-0986 1 Moxa 1 Vport Activex Sdk Plus 2025-04-12 N/A
Multiple stack-based buffer overflows in Moxa VPort ActiveX SDK Plus before 2.8 allow remote attackers to insert assembly-code lines via vectors involving a regkey (1) set or (2) get command.
CVE-2016-1928 1 Sap 1 Hana 2025-04-12 N/A
Buffer overflow in the XS engine (hdbxsengine) in SAP HANA allows remote attackers to cause a denial of service or execute arbitrary code via a crafted HTTP request, related to JSON, aka SAP Security Note 2241978.
CVE-2015-1001 1 Ininet Solutions 1 Scada Web Server 2025-04-12 N/A
Multiple stack-based buffer overflows in IniNet embeddedWebServer (aka eWebServer) before 2.02 allow remote attackers to execute arbitrary code via a long field in an HTTP request.
CVE-2016-1931 2 Mozilla, Opensuse 3 Firefox, Leap, Opensuse 2025-04-12 N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to uninitialized memory encountered during brotli data compression, and other vectors.
CVE-2016-0839 1 Google 1 Android 2025-04-12 N/A
post_proc/volume_listener.c in mediaserver in Android 6.x before 2016-04-01 mishandles deleted effect context, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 25753245.
CVE-2014-3442 1 Nullsoft 1 Winamp 2025-04-12 N/A
Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s.
CVE-2016-6416 1 Cisco 3 Content Security Management Appliance, Email Security Appliance, Web Security Appliance 2025-04-12 N/A
The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WSA) devices 9.0.0-162 through 9.5.0-444, and Content Security Management Appliance (SMA) devices allows remote attackers to cause a denial of service via a flood of FTP traffic, aka Bug IDs CSCuz82907, CSCuz84330, and CSCuz86065.
CVE-2016-0010 1 Microsoft 5 Excel For Mac, Office, Powerpoint For Mac and 2 more 2025-04-12 N/A
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Mac 2011, Excel 2016 for Mac, PowerPoint 2016 for Mac, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
CVE-2016-3278 1 Microsoft 2 Outlook, Outlook Rt 2025-04-12 N/A
Microsoft Outlook 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
CVE-2015-1658 1 Microsoft 1 Internet Explorer 2025-04-12 N/A
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1706, CVE-2015-1711, CVE-2015-1717, and CVE-2015-1718.
CVE-2015-1683 1 Microsoft 1 Office 2025-04-12 N/A
Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."