CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

142 matches found

Cvelist•added 2018/09/19 2:0 p.m.•13 views

CVE-2018-11891

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, lack of check on the length of array while accessing can lead to an out of bound read in WLAN HOST function...

8.5AI score0.00304EPSS

Exploits0References3

UbuntuCve•added 2017/12/21 3:29 a.m.•23 views

CVE-2017-17821

WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact because it calls the FastBitVectorWordOwner::resizeSlow function in WTF/wtf/FastBitVector.cpp f...

9.8CVSS7.3AI score0.00677EPSS

Exploits0References2

CNVD•added 2017/02/14 12:0 a.m.•1 views

Artifex Software MuJS 'mujs/jsrun.c' Integer Overflow Vulnerability

Artifex Software MuJS is a lightweight JavaScript interpreter from Artifex Software, USA, which is used to embed into other software to provide script execution capabilities. Artifex Software MuJS 4006739a28367c708dea19aeb19b8a1a9326ce08 A security vulnerability exists in previous versions of...

7.8CVSS7.7AI score0.00207EPSS

Exploits0References1

OSV•added 2017/01/30 4:59 a.m.•2 views

CVE-2017-5627

An issue was discovered in Artifex Software, Inc. MuJS before 4006739a28367c708dea19aeb19b8a1a9326ce08. The jsRsetproperty function in jsrun.c lacks a check for a negative array length. This leads to an integer overflow in the jspushstring function in jsrun.c when parsing a specially crafted JS...

7.8CVSS5.8AI score0.00207EPSS

Exploits0References3

Prion•added 2017/01/30 4:59 a.m.•17 views

Integer overflow

6.8CVSS7.6AI score0.00207EPSS

Exploits0References3Affected Software1

AlpineLinux•added 2017/01/30 4:24 a.m.•2 views

CVE-2017-5627

7.8CVSS7.5AI score0.00207EPSS

Exploits0References3

Cvelist•added 2017/01/30 4:24 a.m.•21 views

CVE-2017-5627

8.7AI score0.00207EPSS

Exploits0References3

Debian CVE•added 2017/01/30 4:24 a.m.•19 views

CVE-2017-5627

7.8CVSS7.4AI score0.00207EPSS

Exploits0

BDU FSTEC•added 2017/01/13 12:0 a.m.•3 views

The vulnerability of the Flash Player software, which allows a perpetrator to execute arbitrary code

The vulnerability of the Flash Player software is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by manipulating the length properties of object arrays...

10CVSS8.1AI score0.05939EPSS

Exploits0References3Affected Software2

BDU FSTEC•added 2017/01/13 12:0 a.m.•1 views

The vulnerability of the Flash Player software, which allows a perpetrator to execute arbitrary code

10CVSS8.1AI score0.05939EPSS

Exploits0References4Affected Software2

BDU FSTEC•added 2016/12/22 12:0 a.m.•1 views

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the Flash Player software is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code upon installation of certain object array length properties...

10CVSS8.1AI score0.05939EPSS

Exploits0References3Affected Software2

OSV•added 2016/12/15 6:59 a.m.•0 views

CVE-2016-7880

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution...

8.8CVSS6AI score0.05939EPSS

Exploits0References8

RedHat Linux•added 2016/12/14 1:2 p.m.•2 views

flash-plugin: multiple code execution issues fixed in APSB16-39

9.3CVSS6.1AI score0.05939EPSS

Exploits0References5

Positive Technologies•added 2016/12/14 12:0 a.m.•1 views

PT-2016-2948 · Adobe +3 · Flash Player +3

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions 23.0.0.207 and earlier Adobe Flash Player versions 11.2.202.644 and earlier Description: The issue is related to a use after free vulnerability when setting the length property of an array object. This could lead t...

10CVSS9.3AI score0.21966EPSS

Exploits0References115

OSV•added 2014/11/04 9:55 p.m.•1 views

DEBIAN-CVE-2013-4531

Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative value in cpregvmstatearraylen in a savevm image...

7.5CVSS8AI score0.02001EPSS

Exploits0References1

RedHat Linux•added 2014/10/13 9:6 p.m.•0 views

libXxf86vm: Multiple Array Index error leading to heap-based OOB write

Buffer overflow in X.org libXxf86vm 1.1.2 and earlier allows X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the XF86VidModeGetGammaRamp function...

6.8CVSS6.2AI score0.0115EPSS

Exploits0References5

RedHat Linux•added 2013/02/20 4:20 p.m.•1 views

samba: Multiple heap-based buffer overflows in memory management based on NDR marshalling code output

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call...

10CVSS8AI score0.7855EPSS

Exploits9References5

RedHat Linux•added 2012/04/13 1:41 p.m.•1 views

samba: Multiple heap-based buffer overflows in memory management based on NDR marshalling code output

10CVSS8AI score0.7855EPSS

Exploits9References5

OSV•added 2012/04/10 9:55 p.m.•1 views

DEBIAN-CVE-2012-1182

10CVSS9.4AI score0.7855EPSS

Exploits9References1

RedHat Linux•added 2012/04/10 9:11 p.m.•1 views

samba: Multiple heap-based buffer overflows in memory management based on NDR marshalling code output