Vulnerabilities (CVE)

CWE filter

CWE-189

Filter

1418 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-7308 3 Linux, Canonical, Opensuse 3 Linux Kernel, Ubuntu Linux, Leap 2019-04-18 4.7
kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to...
CVE-2019-5755 4 Google, Debian, Redhat and 1 more 6 Chrome, Debian Linux, Enterprise Linux Desktop and 3 more 2019-04-17 5.8
Incorrect handling of negative zero in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.
CVE-2014-0099 1 Apache 1 Tomcat 2019-04-15 4.3
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a...
CVE-2014-0075 1 Apache 1 Tomcat 2019-04-15 5.0
Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service...
CVE-2016-5241 5 Graphicsmagick, Novell, Opensuse Project and 2 more 6 Leap, Graphicsmagick, Opensuse and 3 more 2019-04-12 4.3
magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.
CVE-2012-0022 1 Apache 1 Tomcat 2019-03-25 5.0
Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many...
CVE-2016-9843 4 Gnu, Opensuse Project, Novell and 1 more 6 Zlib, Opensuse, Leap and 3 more 2019-03-25 7.5
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
CVE-2016-9842 4 Gnu, Opensuse Project, Novell and 1 more 6 Zlib, Opensuse, Leap and 3 more 2019-03-25 6.8
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
CVE-2016-9841 4 Gnu, Opensuse Project, Novell and 1 more 6 Zlib, Opensuse, Leap and 3 more 2019-03-25 7.5
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2016-9840 4 Gnu, Opensuse Project, Novell and 1 more 6 Zlib, Opensuse, Leap and 3 more 2019-03-25 6.8
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2013-4852 6 Debian, Simon Tatham, Novell and 3 more 6 Debian Linux, Winscp, Putty and 3 more 2019-03-21 6.8
Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a...
CVE-2013-3077 1 Freebsd 1 Freebsd 2019-03-18 7.2
Multiple integer overflows in the IP_MSFILTER and IPV6_MSFILTER features in (1) sys/netinet/in_mcast.c and (2) sys/netinet6/in6_mcast.c in the multicast implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE allow local users to...
CVE-2018-5251 2 Libming, Debian 2 Libming, Debian Linux 2019-03-12 4.3
In libming 0.4.8, there is an integer signedness error vulnerability (left shift of a negative value) in the readSBits function (util/read.c). Remote attackers can leverage this vulnerability to cause a denial of service via a crafted swf file.
CVE-2017-14314 2 Graphicsmagick, Debian 2 Graphicsmagick, Debian Linux 2019-03-12 4.3
Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (DrawDashPolygon heap-based buffer over-read and application crash) via a crafted file.
CVE-2017-2474 1 Apple 5 Mac Os X, Iphone Os, Apple Tv and 2 more 2019-03-08 9.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. An off-by-one error allows...
CVE-2014-4481 1 Apple 4 Mac Os X, Iphone Os, Apple Tv and 1 more 2019-03-08 6.8
Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4377 1 Apple 4 Mac Os X, Iphone Os, Apple Tv and 1 more 2019-03-08 6.8
Integer overflow in CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4389 1 Apple 4 Mac Os X, Iphone Os, Apple Tv and 1 more 2019-03-08 9.3
Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments.
CVE-2014-1359 1 Apple 4 Mac Os X, Iphone Os, Apple Tv and 1 more 2019-03-08 10.0
Integer underflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application.
CVE-2014-1358 1 Apple 4 Mac Os X, Iphone Os, Apple Tv and 1 more 2019-03-08 10.0
Integer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application.