5353 matches found
CVE-2016-2335
7-Zip/p7zip vulnerability CVE-2016-2335 affects the CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp for 7zip 9.20 and 15.05 beta, enabling out-of-bounds read and potential code execution via the PartitionRef in the Long Allocation Descriptor of a UDF file. Connected advisories confirm a ...
CVE-2016-0718
Expat allows context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow...
CVE-2016-4576
Buffer overflow in the Application Specific Packet Filtering ASPF functionality in the Huawei IPS Module, NGFW Module, NIP6300, NIP6600, Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 devices with software before V500R001C20SPC100 allows remote attackers to cause a denial of servi...
CVE-2016-4087
Huawei S12700 switches with software before V200R008C00SPC500 and S5700 switches with software before V200R005SPH010, when the debug switch is enabled, allows remote attackers to cause a denial of service or execute arbitrary code via crafted DNS packets...
CVE-2016-4087
CVE-2016-4087 affects Huawei S12700 switches pre-V200R008C00SPC500 and S5700 switches pre-V200R005SPH010. When the device Debug switch is on, processing crafted DNS packets can cause a denial of service or remote code execution due to an input validation/checksum vulnerability in the affected Hua...
CVE-2016-1859
The WebKit Canvas implementation in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site...
CVE-2016-1848
QuickTime in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted file...
CVE-2016-1854
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, a different vulnerability than CVE-2016-1855, CVE-2016-1856, and CVE-2016-1857...
CVE-2016-1848
QuickTime in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted file...
CVE-2016-1850
SceneKit in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted file...
CVE-2016-1857
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, a different vulnerability than CVE-2016-1854, CVE-2016-1855, and CVE-2016-1856...
CVE-2015-4604
The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service application crash or possibly...
CVE-2016-2196
Heap-based buffer overflow in the P-521 reduction function in Botan 1.11.x before 1.11.27 allows remote attackers to cause a denial of service memory overwrite and crash or execute arbitrary code via unspecified vectors...
CVE-2016-2196
Heap-based buffer overflow in the P-521 reduction function in Botan 1.11.x before 1.11.27 allows remote attackers to cause a denial of service memory overwrite and crash or execute arbitrary code via unspecified vectors...
Debian DLA-464-1 : libav security update
It was discovered that there was a use-after free vulnerability in libav, a multimedia player, server, encoder and transcoder library. The segwritepacket function in libavformat/segment.c in ffmpeg 2.1.4 and earlier does not free the correct memory location, which allows remote attackers to cause...
CVE-2016-1094
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different...
CVE-2016-1075
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different...
CVE-2016-1057
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different...
CVE-2016-1053
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different...
CVE-2016-1052
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different...