Total
11925 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-2481 | 1 Google | 1 Android | 2016-06-13 | 9.3 HIGH | 7.8 HIGH |
| The mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buffer count, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27532497. | |||||
| CVE-2016-2482 | 1 Google | 1 Android | 2016-06-13 | 9.3 HIGH | 7.8 HIGH |
| The mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buffer count, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27661749. | |||||
| CVE-2016-2479 | 1 Google | 1 Android | 2016-06-13 | 9.3 HIGH | 7.8 HIGH |
| The mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buffer count, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27532282. | |||||
| CVE-2016-2485 | 1 Google | 1 Android | 2016-06-13 | 9.3 HIGH | 7.8 HIGH |
| libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes for the GSM and G711 codecs, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27793367. | |||||
| CVE-2016-2476 | 1 Google | 1 Android | 2016-06-13 | 9.3 HIGH | 7.8 HIGH |
| mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27207275. | |||||
| CVE-2016-2483 | 1 Google | 1 Android | 2016-06-13 | 9.3 HIGH | 7.8 HIGH |
| The mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buffer count, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27662502. | |||||
| CVE-2015-4469 | 1 Libmspack Project | 1 Libmspack | 2016-06-09 | 4.3 MEDIUM | N/A |
| The chmd_read_headers function in chmd.c in libmspack before 0.5 does not validate name lengths, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CHM file. | |||||
| CVE-2016-3681 | 1 Huawei | 2 Mate 8, Mate 8 Firmware | 2016-05-27 | 9.3 HIGH | 7.8 HIGH |
| Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (crash) or possibly gain privileges via a crafted application, aka HWPSIRT-2016-03021. | |||||
| CVE-2005-3065 | 1 Multitheftauto | 1 Multitheftauto | 2016-05-27 | 5.0 MEDIUM | N/A |
| MultiTheftAuto 0.5 patch 1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted command 40 that causes a -1 length to be used and triggers an out-of-bounds read. | |||||
| CVE-2016-3680 | 1 Huawei | 2 Mate 8, Mate 8 Firmware | 2016-05-27 | 9.3 HIGH | 7.8 HIGH |
| Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (crash) or possibly gain privileges via a crafted application, aka HWPSIRT-2016-03020. | |||||
| CVE-2001-0775 | 2 Xli, Xloadimage | 2 Xli, Xloadimage | 2016-05-20 | 7.5 HIGH | N/A |
| Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux allows remote attackers to execute arbitrary code via a FACES format image containing a long (1) Firstname or (2) Lastname field. | |||||
| CVE-2016-3628 | 1 Tibco | 3 Enterprise Message Service, Enterprise Message Service Appliance, Enterprise Message Service Appliance Firmware | 2016-05-18 | 6.5 MEDIUM | 8.8 HIGH |
| Buffer overflow in tibemsd in the server in TIBCO Enterprise Message Service (EMS) before 8.3.0 and EMS Appliance before 2.4.0 allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via crafted inbound data. | |||||
| CVE-2013-4473 | 2 Canonical, Freedesktop | 2 Ubuntu Linux, Poppler | 2016-05-18 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a source filename. | |||||
| CVE-2016-2196 | 1 Botan Project | 1 Botan | 2016-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in the P-521 reduction function in Botan 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (memory overwrite and crash) or execute arbitrary code via unspecified vectors. | |||||
| CVE-2016-2439 | 1 Google | 1 Android | 2016-05-10 | 5.4 MEDIUM | 8.8 HIGH |
| Buffer overflow in btif/src/btif_dm.c in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows remote attackers to execute arbitrary code via a long PIN value, aka internal bug 27411268. | |||||
| CVE-2016-2429 | 1 Google | 1 Android | 2016-05-10 | 10.0 HIGH | 9.8 CRITICAL |
| libFLAC/stream_decoder.c in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not prevent free operations on uninitialized memory, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted media file, aka internal bug 27211885. | |||||
| CVE-2016-2428 | 1 Google | 1 Android | 2016-05-10 | 10.0 HIGH | 9.8 CRITICAL |
| libAACdec/src/aacdec_drc.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly limit the number of threads, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted media file, aka internal bug 26751339. | |||||
| CVE-2016-1176 | 1 Sharp | 1 Eva Animator | 2016-05-09 | 6.8 MEDIUM | 6.3 MEDIUM |
| Buffer overflow in the ActiveX control in Sharp EVA Animeter allows remote attackers to execute arbitrary code via a crafted web page. | |||||
| CVE-2016-2280 | 1 Honeywell | 1 Uniformance Process History Database | 2016-05-06 | 7.8 HIGH | 7.5 HIGH |
| Buffer overflow in RDISERVER in Honeywell Uniformance Process History Database (PHD) R310, R320, and R321 allows remote attackers to cause a denial of service (service outage) via unspecified vectors. | |||||
| CVE-2016-4416 | 1 Wireshark | 1 Wireshark | 2016-05-04 | 4.3 MEDIUM | 5.9 MEDIUM |
| epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.2 mishandles the Grouping subfield, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet. | |||||