Total
13458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-9986 | 1 Qualcomm | 44 Msm8909w, Msm8909w Firmware, Sd 205 and 41 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820A, in playready_licacq_process_response(), 'cbResponse' value is controlled by HLOS, and there is no validation on this length. If 'cbResponse' is too large, memory overread occurs.
|
|||||
| CVE-2014-9630 | 1 Videolan | 1 Vlc Media Player | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted length value.
|
|||||
| CVE-2014-9189 | 1 Honeywell | 1 Experion Process Knowledge System | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.
|
|||||
| CVE-2014-9187 | 1 Honeywell | 1 Experion Process Knowledge System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules, which could lead to possible remote code execution or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.
|
|||||
| CVE-2014-8985 | 1 Microsoft | 1 Internet Explorer | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
|
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2822, CVE-2014-2823, CVE-2014-4057, and CVE-2014-4145.
|
|||||
| CVE-2014-8184 | 1 Liblouis | 1 Liblouis | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow was found in findTable() in liblouis. An attacker could create a malicious file that would cause applications that use liblouis (such as Orca) to crash, or potentially execute arbitrary code when opened.
|
|||||
| CVE-2014-7221 | 1 Teamspeak | 1 Teamspeak3 | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (buffer overflow and application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab containing [img]//http:// substrings.
|
|||||
| CVE-2014-4705 | 1 Huawei | 42 Ar1200, Ar1200 Firmware, Ar150 and 39 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
Multiple heap-based buffer overflows in the eSap software platform in Huawei Campus S9300, S7700, S9700, S5300, S5700, S6300, and S6700 series switches; AR150, AR160, AR200, AR1200, AR2200, AR3200, AR530, NetEngine16EX, SRG1300, SRG2300, and SRG3300 series routers; and WLAN AC6005, AC6605, and ACU2 access controllers allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet.
|
|||||
| CVE-2014-4145 | 1 Microsoft | 1 Internet Explorer | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
|
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2822, CVE-2014-2823, CVE-2014-4057, and CVE-2014-8985.
|
|||||
| CVE-2014-4112 | 1 Microsoft | 1 Internet Explorer | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
|
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0304.
|
|||||
| CVE-2014-4066 | 1 Microsoft | 1 Internet Explorer | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
|
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2787, CVE-2014-2790, CVE-2014-2802, and CVE-2014-2806.
|
|||||
| CVE-2014-3208 | 1 Askpop3d Project | 1 Askpop3d | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A Denial of Service vulnerability exists in askpop3d 0.7.7 in free (pszQuery),
|
|||||
| CVE-2014-1215 | 1 Coreftp | 1 Core Ftp | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Multiple buffer overflows in Core FTP Server before 1.2 build 508 allow local users to gain privileges via vectors related to reading data from config.dat and Windows Registry.
|
|||||
| CVE-2014-125025 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function decode_pulses. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125024 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 6.8 MEDIUM | 7.3 HIGH |
|
A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function lag_decode_frame. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125023 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function truemotion1_decode_header of the component Truemotion1 Handler. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125022 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function shorten_decode_frame of the component Bitstream Buffer. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125021 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function cmv_process_header. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125020 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 6.8 MEDIUM | 7.3 HIGH |
|
A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125019 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_nal_unit of the component Slice Segment Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125018 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function decode_slice_header. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125017 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 6.8 MEDIUM | 7.3 HIGH |
|
A vulnerability classified as critical was found in FFmpeg 2.0. This vulnerability affects the function rpza_decode_stream. The manipulation leads to memory corruption. The attack can be initiated remotely. The name of the patch is Fixes Invalid Writes. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125016 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability was found in FFmpeg 2.0. It has been rated as problematic. This issue affects the function ff_init_buffer_info of the file utils.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125015 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 6.8 MEDIUM | 7.3 HIGH |
|
A vulnerability classified as critical has been found in FFmpeg 2.0. Affected is the function read_var_block_data. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125014 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is an unknown functionality of the component HEVC Video Decoder. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125013 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function msrle_decode_frame of the file libavcodec/msrle.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125010 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function decode_slice_header of the file libavcodec/h64.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125009 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function add_yblock of the file libavcodec/snow.h. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125008 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability classified as problematic has been found in FFmpeg 2.0. Affected is the function vorbis_header of the file libavformat/oggparsevorbis.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125007 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is the function intra_pred of the file libavcodec/hevcpred_template.c. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125006 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function output_frame of the file libavcodec/h264.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125005 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_vol_header of the file libavcodec/mpeg4videodec.c. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125004 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decode_hextile of the file libavcodec/vmnc.c. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125003 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function get_siz of the file libavcodec/jpeg2000dec.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-125002 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
|
|||||
| CVE-2014-10072 | 1 Zsh Project | 1 Zsh | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
In utils.c in zsh before 5.0.6, there is a buffer overflow when scanning very long directory paths for symbolic links.
|
|||||
| CVE-2014-10071 | 2 Canonical, Zsh | 2 Ubuntu Linux, Zsh | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax.
|
|||||
| CVE-2014-10056 | 1 Qualcomm | 6 Sd 205, Sd 205 Firmware, Sd 210 and 3 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, A buffer overflow can potentially occur in any OpenCL application that calls clBuildProgram() with a device of type CL_DEVICE_TYPE_CPU in its device_list argument.
|
|||||
| CVE-2014-10052 | 1 Qualcomm | 56 Fsm9055, Fsm9055 Firmware, Ipq4019 and 53 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, SD 835, and SDX20, the reserved memory of TZ subsystem (like TZ apps and some PIL image subsystem) is not cleared after being used.
|
|||||
| CVE-2014-10045 | 1 Qualcomm | 42 Ipq4019, Ipq4019 Firmware, Mdm9206 and 39 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 820, and SDX20, buffer overflow vulnerability exist in Sahara boot when program header are parsing.
|
|||||