2305 matches found
CVE-2017-5029
The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of...
CVE-2017-5037
Removed by vendor...
UBUNTU-CVE-2017-5448
An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Clearkey-encrypted media content. The "ClearKeyDecryptor" code runs within the Gecko Media Plugin GMP sandbox. If a second mechanism is found to escape the sandbox, this vulnerability allows for the writing of arbitrary data with...
CVE-2016-7531
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service out-of-bounds write via a crafted PDB file...
DEBIAN-CVE-2017-7861
Google gRPC before 2017-02-22 has an out-of-bounds write related to the gprfree function in core/lib/support/alloc.c...
CVE-2016-9958
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations...
UBUNTU-CVE-2016-9958
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations...
DEBIAN-CVE-2016-9958
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations...
Memory corruption
fastping.c in MRLG aka Multi-Router Looking Glass before 5.5.0 allows remote attackers to cause an arbitrary memory write and memory corruption...
CVE-2014-3931
fastping.c in MRLG aka Multi-Router Looking Glass before 5.5.0 allows remote attackers to cause an arbitrary memory write and memory corruption...
CVE-2014-3931
CVE-2014-3931 affects Multi-Router Looking Glass (MRLG); MRLG versions prior to 5.5.0 contain a buffer/memory handling vulnerability in fastping.c that can be triggered remotely without authentication, leading to an arbitrary memory write and memory corruption (potential RCE). Public references (...
(Pwn2Own) Mozilla Firefox createImageBitmap Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
CVE-2017-6451
The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write...
CVE-2017-6451
The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write...
CVE-2017-6451
The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write...
Out-of-bounds
The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write...
CVE-2017-6451
CVE-2017-6451 affects the NTP legacy MX4200 refclock. The mx4200_send function mishandles the return value of snprintf, enabling a local attacker to trigger an out-of-bounds write and potentially execute arbitrary code. Affected: NTP before 4.2.8p10 and 4.3.x before 4.3.94. Mitigation/remediation...
CVE-2017-6451
The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write...
chromium-browser: multiple out of bounds writes in chunkdemuxer
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer...
Microsoft Scripting Engine Memory Corruption (MS17-007: CVE-2017-0032)
An integer overflow vulnerability exists in Microsoft Edge. The vulnerability is due to an error in Microsoft Edge while handling a specially crafted HTML file. Successful exploitation of this issue can lead to arbitrary memory write...