Vulnerabilities (CVE)

CWE filter

CWE-189

Filter

1390 total CVE
CVE Vendors Products Updated CVSS
CVE-2015-0135 1 Ibm 1 Domino 2019-10-16 10.0
IBM Domino 8.5 before 8.5.3 FP6 IF4 and 9.0 before 9.0.1 FP3 IF2 allows remote attackers to execute arbitrary code or cause a denial of service (integer truncation and application crash) via a crafted GIF image, aka SPR KLYH9T7NT9.
CVE-2011-1910 1 Isc 1 Bind 2019-10-09 5.0
Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a...
CVE-2008-5357 1 Sun 3 Jdk, Sdk, Jre 2019-10-09 9.3
Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute...
CVE-2008-4211 1 Apple 3 Mac Os X, Iphone Os, Mac Os X Server 2019-09-26 10.0
Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (application...
CVE-2019-7308 3 Linux, Canonical, Opensuse 3 Linux Kernel, Ubuntu Linux, Leap 2019-09-24 4.7
kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to...
CVE-2013-6933 1 Live555 1 Streaming Media 2019-09-12 7.5
The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2011.08.13 through 2013.11.25, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via...
CVE-2013-6934 2 Live555, Videolan 2 Streaming Media, Vlc Media Player 2019-09-12 7.5
The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2013.11.26, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a space character...
CVE-2019-14763 1 Linux 1 Linux Kernel 2019-09-03 4.9
In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid.
CVE-2014-10375 2019-08-27 5.0
handle_messages in eXtl_tls.c in eXosip before 5.0.0 mishandles a negative value in a content-length header.
CVE-2007-2788 1 Sun 3 Jdk, Jre, Sdk 2019-08-01 6.8
Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE...
CVE-2008-0122 1 Isc 1 Bind 2019-08-01 10.0
Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary...
CVE-2011-1300 2 Google, Mozilla 2 Firefox, Chrome 2019-07-18 10.0
The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and in the GPU process in...
CVE-2019-1010294 1 Linaro 1 Op-tee 2019-07-16 5.0
Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: optee_os. The fixed version is: 3.4.0 and later.
CVE-2016-3645 1 Symantec 18 Norton 360, Mail Security For Microsoft Exchange, Norton Security and 15 more 2019-07-16 10.0
Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP)...
CVE-2008-1446 1 Microsoft 6 Windows Server 2008, Windows Xp, Iis and 3 more 2019-07-03 9.0
Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated...
CVE-2012-4412 1 Gnu 1 Glibc 2019-06-13 7.5
Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a...
CVE-2016-10714 1 Canonical 1 Ubuntu Linux 2019-06-11 7.5
In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters.
CVE-2013-1591 2 Redhat, Palemoon 3 Enterprise Virtualization, Enterprise Linux, Pale Moon 2019-05-22 10.0
Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the...
CVE-2019-11837 1 Nginx 1 Njs 2019-05-09 5.0
njs through 0.3.1, used in NGINX, has a segmentation fault in String.prototype.toBytes for negative arguments, related to nxt_utf8_next in nxt/nxt_utf8.h and njs_string_offset in njs/njs_string.c.
CVE-2009-1924 1 Microsoft 2 Windows 2003 Server, Windows 2000 2019-04-30 9.3
Integer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 allows remote WINS replication partners to execute arbitrary code via crafted data structures in a packet, aka "WINS Integer Overflow Vulnerability."