Vulnerabilities (CVE)

CWE filter

CWE-189

Filter

1416 total CVE
CVE Vendors Products Updated CVSS
CVE-2012-4412 1 Gnu 1 Glibc 2019-06-13 7.5
Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a...
CVE-2016-10714 1 Canonical 1 Ubuntu Linux 2019-06-11 7.5
In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters.
CVE-2013-1591 2 Redhat, Palemoon 3 Enterprise Virtualization, Enterprise Linux, Pale Moon 2019-05-22 10.0
Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the...
CVE-2017-11537 1 Imagemagick 1 Imagemagick 2019-05-14 4.3
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palm.c, related to an incorrect bits-per-pixel calculation.
CVE-2019-11837 1 Nginx 1 Njs 2019-05-09 5.0
njs through 0.3.1, used in NGINX, has a segmentation fault in String.prototype.toBytes for negative arguments, related to nxt_utf8_next in nxt/nxt_utf8.h and njs_string_offset in njs/njs_string.c.
CVE-2009-1924 1 Microsoft 2 Windows 2003 Server, Windows 2000 2019-04-30 9.3
Integer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 allows remote WINS replication partners to execute arbitrary code via crafted data structures in a packet, aka "WINS Integer Overflow Vulnerability."
CVE-2007-5133 2 Microsoft, 3ware 5 Windows-nt, Windows Xp, 3dm Disk Management Software and 2 more 2019-04-30 7.1
Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling,...
CVE-2018-5251 2 Libming, Debian 2 Libming, Debian Linux 2019-04-26 4.3
In libming 0.4.8, there is an integer signedness error vulnerability (left shift of a negative value) in the readSBits function (util/read.c). Remote attackers can leverage this vulnerability to cause a denial of service via a crafted swf file.
CVE-2014-8147 3 Icu Project, Apple, Icu-project 4 Mac Os X, International Components For Unicode, Watchos and 1 more 2019-04-23 7.5
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which...
CVE-2015-4021 3 Apple, Php, Redhat 9 Enterprise Linux Desktop, Enterprise Linux, Php and 6 more 2019-04-22 5.0
The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause...
CVE-2015-4022 3 Apple, Php, Redhat 9 Enterprise Linux Desktop, Enterprise Linux, Php and 6 more 2019-04-22 7.5
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer...
CVE-2013-1913 2 Gimp, Redhat 2 Enterprise Linux, Gimp 2019-04-22 6.8
Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary...
CVE-2013-2555 4 Redhat, Novell, Adobe and 1 more 7 Flash Player, Adobe Air, Suse Linux Enterprise Desktop and 4 more 2019-04-22 10.0
Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android...
CVE-2012-3405 3 Redhat, Gnu, Canonical 4 Enterprise Virtualization, Ubuntu Linux, Glibc and 1 more 2019-04-22 5.0
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string...
CVE-2014-3468 2 Gnu, Redhat 3 Libtasn1, Enterprise Linux, Gnutls 2019-04-22 6.8
The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.
CVE-2013-4345 3 Linux, Fedoraproject, Redhat 4 Linux Kernel, Enterprise Linux, Fedora and 1 more 2019-04-22 5.8
Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of...
CVE-2012-3404 3 Redhat, Canonical, Gnu 4 Enterprise Virtualization, Ubuntu Linux, Glibc and 1 more 2019-04-22 5.0
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string...
CVE-2014-0150 2 Redhat, Qemu 2 Qemu, Enterprise Linux 2019-04-22 4.9
Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow.
CVE-2013-4397 2 Redhat, Feep 2 Libtar, Enterprise Linux 2019-04-22 6.8
Multiple integer overflows in the th_read function in lib/block.c in libtar before 1.2.20 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) name or (2) link in an archive, which...
CVE-2019-7308 3 Linux, Canonical, Opensuse 3 Linux Kernel, Ubuntu Linux, Leap 2019-04-18 4.7
kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to...