Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-0435 | 5 Fedoraproject, Linux, Netapp and 2 more | 37 Fedora, Linux Kernel, H300e and 34 more | 2023-02-14 | 9.0 HIGH | 8.8 HIGH |
| A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. | |||||
| CVE-2017-7308 | 1 Linux | 1 Linux Kernel | 2023-02-14 | 7.2 HIGH | 7.8 HIGH |
| The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls. | |||||
| CVE-2023-20615 | 2 Google, Mediatek | 37 Android, Mt6739, Mt6761 and 34 more | 2023-02-14 | N/A | 6.7 MEDIUM |
| In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629572; Issue ID: ALPS07629572. | |||||
| CVE-2023-20614 | 2 Google, Mediatek | 38 Android, Mt6739, Mt6761 and 35 more | 2023-02-14 | N/A | 6.7 MEDIUM |
| In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628615; Issue ID: ALPS07628615. | |||||
| CVE-2023-20604 | 2 Google, Mediatek | 27 Android, Mt6735, Mt6737 and 24 more | 2023-02-14 | N/A | 6.7 MEDIUM |
| In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494067; Issue ID: ALPS07494067. | |||||
| CVE-2021-32948 | 2 Opendesign, Siemens | 4 Drawings Sdk, Comos, Jt2go and 1 more | 2023-02-14 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write issue exists in the DWG file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or execute code in the context of the current process. | |||||
| CVE-2021-32936 | 2 Opendesign, Siemens | 4 Drawings Sdk, Comos, Jt2go and 1 more | 2023-02-14 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write issue exists in the DXF file-recovering procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or execute code in the context of the current process. | |||||
| CVE-2022-43397 | 1 Siemens | 1 Parasolid | 2023-02-14 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Simcenter Femap (All versions < V2023.1). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17854) | |||||
| CVE-2015-6048 | 1 Microsoft | 1 Internet Explorer | 2023-02-13 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6049. | |||||
| CVE-2018-10880 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2023-02-13 | 7.1 HIGH | 5.5 MEDIUM |
| Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service. | |||||
| CVE-2018-10840 | 3 Canonical, Linux, Redhat | 3 Ubuntu Linux, Linux Kernel, Enterprise Linux | 2023-02-13 | 7.2 HIGH | 6.6 MEDIUM |
| Linux kernel is vulnerable to a heap-based buffer overflow in the fs/ext4/xattr.c:ext4_xattr_set_entry() function. An attacker could exploit this by operating on a mounted crafted ext4 image. | |||||
| CVE-2013-1978 | 3 Gimp, Gnome, Redhat | 3 Gimp, Glib, Enterprise Linux | 2023-02-13 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an X Window System (XWD) image dump with more colors than color map entries. | |||||
| CVE-2012-5576 | 1 Gimp | 1 Gimp | 2023-02-13 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.8.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large (1) red, (2) green, or (3) blue color mask in an XWD file. | |||||
| CVE-2012-3400 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2023-02-13 | 7.6 HIGH | N/A |
| Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem. | |||||
| CVE-2012-2665 | 5 Apache, Canonical, Debian and 2 more | 11 Openoffice, Ubuntu Linux, Debian Linux and 8 more | 2023-02-13 | 7.5 HIGH | N/A |
| Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Open Document Text (.odt) file with (1) a child tag within an incorrect parent tag, (2) duplicate tags, or (3) a Base64 ChecksumAttribute whose length is not evenly divisible by four. | |||||
| CVE-2010-4253 | 3 Apache, Canonical, Debian | 3 Openoffice, Ubuntu Linux, Debian Linux | 2023-02-13 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file in an ODF or Microsoft Office document, as demonstrated by a PowerPoint (aka PPT) document. | |||||
| CVE-2010-3874 | 5 Debian, Fedoraproject, Linux and 2 more | 7 Debian Linux, Fedora, Linux Kernel and 4 more | 2023-02-13 | 4.0 MEDIUM | N/A |
| Heap-based buffer overflow in the bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.36.2 on 64-bit platforms might allow local users to cause a denial of service (memory corruption) via a connect operation. | |||||
| CVE-2010-3859 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2023-02-13 | 6.9 MEDIUM | N/A |
| Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipc_msg_build function in net/tipc/msg.c and the verify_iovec function in net/core/iovec.c. | |||||
| CVE-2010-3848 | 4 Canonical, Debian, Linux and 1 more | 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more | 2023-02-13 | 6.9 MEDIUM | N/A |
| Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures. | |||||
| CVE-2010-3453 | 3 Apache, Canonical, Debian | 3 Openoffice, Ubuntu Linux, Debian Linux | 2023-02-13 | 9.3 HIGH | N/A |
| The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .DOC file that triggers an out-of-bounds write. | |||||