Vulnerabilities (CVE)

Filtered by CWE-120
Total 2385 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-8842 1 Apple 1 Mac Os X 2023-11-07 2.6 LOW 3.3 LOW
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. In certain configurations, a remote attacker may be able to submit arbitrary print jobs.
CVE-2019-20839 5 Canonical, Debian, Libvnc Project and 2 more 16 Ubuntu Linux, Debian Linux, Libvncserver and 13 more 2023-11-07 5.0 MEDIUM 7.5 HIGH
libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.
CVE-2019-19917 3 Fedoraproject, Lout Project, Opensuse 4 Fedora, Lout, Backports Sle and 1 more 2023-11-07 6.8 MEDIUM 7.8 HIGH
Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c.
CVE-2019-18397 2 Debian, Gnu 2 Debian Linux, Fribidi 2023-11-07 6.8 MEDIUM 7.8 HIGH
A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an application that uses FriBidi for text layout calculations. Examples include any GNOME or GTK+ based application that uses Pango for text layout, as this internally uses FriBidi for bidirectional text layout. For example, the attacker can construct a crafted text file to be opened in GEdit, or a crafted IRC message to be viewed in HexChat.
CVE-2019-17666 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2023-11-07 8.3 HIGH 8.8 HIGH
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.
CVE-2019-16746 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2023-11-07 7.5 HIGH 9.8 CRITICAL
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.
CVE-2019-16239 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2023-11-07 7.5 HIGH 9.8 CRITICAL
process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.
CVE-2019-15166 8 Apple, Canonical, Debian and 5 more 10 Mac Os X, Ubuntu Linux, Debian Linux and 7 more 2023-11-07 5.0 MEDIUM 7.5 HIGH
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
CVE-2019-12255 5 Belden, Netapp, Siemens and 2 more 50 Garrettcom Magnum Dx940e, Garrettcom Magnum Dx940e Firmware, Hirschmann Dragon Mach4000 and 47 more 2023-11-07 7.5 HIGH 9.8 CRITICAL
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.
CVE-2019-0160 4 Fedoraproject, Opensuse, Redhat and 1 more 8 Fedora, Leap, Enterprise Linux and 5 more 2023-11-07 7.5 HIGH 9.8 CRITICAL
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.
CVE-2018-1100 3 Canonical, Redhat, Zsh 5 Ubuntu Linux, Enterprise Linux Desktop, Enterprise Linux Server and 2 more 2023-11-07 7.2 HIGH 7.8 HIGH
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.
CVE-2018-1083 4 Canonical, Debian, Redhat and 1 more 6 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 3 more 2023-11-07 7.2 HIGH 7.8 HIGH
Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mentioned path. If the user affected is privileged, this leads to privilege escalation.
CVE-2018-16301 1 Tcpdump 1 Tcpdump 2023-11-07 4.4 MEDIUM 7.8 HIGH
The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.
CVE-2018-14879 7 Apple, Debian, F5 and 4 more 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more 2023-11-07 5.1 MEDIUM 7.0 HIGH
The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().
CVE-2017-6058 1 Qemu 1 Qemu 2023-11-07 5.0 MEDIUM 7.5 HIGH
Buffer overflow in NetRxPkt::ehdr_buf in hw/net/net_rx_pkt.c in QEMU (aka Quick Emulator), when the VLANSTRIP feature is enabled on the vmxnet3 device, allows remote attackers to cause a denial of service (out-of-bounds access and QEMU process crash) via vectors related to VLAN stripping.
CVE-2017-2633 2 Qemu, Redhat 6 Qemu, Enterprise Linux Desktop, Enterprise Linux Server and 3 more 2023-11-07 4.0 MEDIUM 6.5 MEDIUM
An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vnc_refresh_server_surface'. A user inside a guest could use this flaw to crash the QEMU process.
CVE-2017-18350 1 Bitcoin 1 Bitcoin Core 2023-11-07 4.3 MEDIUM 5.9 MEDIUM
bitcoind and Bitcoin-Qt prior to 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name.
CVE-2016-8620 1 Haxx 1 Curl 2023-11-07 7.5 HIGH 9.8 CRITICAL
The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input.
CVE-2015-8011 3 Debian, Fedoraproject, Lldpd Project 3 Debian Linux, Fedora, Lldpd 2023-11-07 6.8 MEDIUM 9.8 CRITICAL
Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries.
CVE-2014-0195 4 Fedoraproject, Mariadb, Openssl and 1 more 5 Fedora, Mariadb, Openssl and 2 more 2023-11-07 6.8 MEDIUM N/A
The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment.