Total
8217 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-27801 | 1 Upx | 1 Upx | 2025-04-11 | N/A | 7.8 HIGH |
|
A heap-based buffer over-read was discovered in the get_le64 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.
|
|||||
| CVE-2019-20021 | 2 Fedoraproject, Upx | 2 Fedora, Upx | 2025-04-11 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A heap-based buffer over-read was discovered in canUnpack in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
|
|||||
| CVE-2020-27796 | 1 Upx | 1 Upx | 2025-04-11 | N/A | 7.8 HIGH |
|
A heap-based buffer over-read was discovered in the invert_pt_dynamic function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
|
|||||
| CVE-2020-27788 | 1 Upx | 1 Upx | 2025-04-11 | N/A | 5.5 MEDIUM |
|
An out-of-bounds read access vulnerability was discovered in UPX in PackLinuxElf64::canPack() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service.
|
|||||
| CVE-2011-3040 | 3 Apple, Google, Opensuse | 5 Iphone Os, Itunes, Safari and 2 more | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.
|
|||||
| CVE-2012-5110 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The compositor in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-2843 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Google Chrome before 14.0.835.163 does not properly handle media buffers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-3910 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Google Chrome before 16.0.912.63 does not properly handle YUV video frames, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-3066 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Skia, as used in Google Chrome before 18.0.1025.151, does not properly perform clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-2850 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Google Chrome before 14.0.835.163 does not properly handle Khmer characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-2345 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
|
The NPAPI implementation in Google Chrome before 12.0.742.112 does not properly handle strings, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-3060 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2013-0767 | 5 Canonical, Mozilla, Opensuse and 2 more | 14 Ubuntu Linux, Firefox, Seamonkey and 11 more | 2025-04-11 | 10.0 HIGH | N/A |
|
The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2012-5130 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Skia, as used in Google Chrome before 23.0.1271.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-3905 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more | 2025-04-11 | 5.0 MEDIUM | N/A |
|
libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-3963 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Google Chrome before 17.0.963.46 does not properly handle PDF FAX images, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-2851 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Google Chrome before 14.0.835.163 does not properly handle video, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-3970 | 3 Google, Suse, Xmlsoft | 5 Chrome, Linux Enterprise Desktop, Linux Enterprise Server and 2 more | 2025-04-11 | 4.3 MEDIUM | N/A |
|
libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-1445 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Google Chrome before 11.0.696.57 does not properly handle SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-3960 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Google Chrome before 17.0.963.46 does not properly decode audio data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2012-3995 | 4 Canonical, Mozilla, Redhat and 1 more | 12 Ubuntu Linux, Firefox, Seamonkey and 9 more | 2025-04-11 | 9.3 HIGH | N/A |
|
The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-3057 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Google V8, as used in Google Chrome before 17.0.963.83, allows remote attackers to cause a denial of service via vectors that trigger an invalid read operation.
|
|||||
| CVE-2011-1192 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Google Chrome before 10.0.648.127 on Linux does not properly handle Unicode ranges, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-1122 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71960.
|
|||||
| CVE-2011-3406 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2025-04-11 | 9.0 HIGH | 8.8 HIGH |
|
Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote authenticated users to execute arbitrary code via a crafted query that leverages incorrect memory initialization, aka "Active Directory Buffer Overflow Vulnerability."
|
|||||
| CVE-2011-2864 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Google Chrome before 14.0.835.163 does not properly handle Tibetan characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-3962 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Google Chrome before 17.0.963.46 does not properly perform path clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-2803 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Google Chrome before 13.0.782.107 does not properly handle Skia paths, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2012-1798 | 4 Debian, Imagemagick, Opensuse and 1 more | 10 Debian Linux, Imagemagick, Opensuse and 7 more | 2025-04-11 | 4.3 MEDIUM | 6.5 MEDIUM |
|
The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.
|
|||||
| CVE-2011-2794 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Google Chrome before 13.0.782.107 does not properly perform text iteration, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2012-5109 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The International Components for Unicode (ICU) functionality in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a regular expression.
|
|||||
| CVE-2011-2858 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Google Chrome before 14.0.835.163 does not properly handle triangle arrays, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-3911 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Google Chrome before 16.0.912.63 does not properly handle PDF documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2013-0778 | 3 Canonical, Mozilla, Opensuse | 6 Ubuntu Linux, Firefox, Seamonkey and 3 more | 2025-04-11 | 9.3 HIGH | N/A |
|
The ClusterIterator::NextCluster function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-3906 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The PDF parser in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2013-3245 | 1 Videolan | 1 Vlc Media Player | 2025-04-11 | 6.8 MEDIUM | 6.3 MEDIUM |
|
plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MKV file, possibly involving an integer overflow and out-of-bounds read or heap-based buffer overflow, or an uncaught exception. NOTE: the vendor disputes the severity and claimed vulnerability type of this issue, stating "This PoC crashes VLC, indeed, but does nothing more... this is not a ...
Show More |
|||||
| CVE-2011-2844 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Google Chrome before 14.0.835.163 does not properly process MP3 files, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-3059 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-3893 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-3025 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||