2298 matches found
UBUNTU-CVE-2016-9958
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations...
Memory corruption
fastping.c in MRLG aka Multi-Router Looking Glass before 5.5.0 allows remote attackers to cause an arbitrary memory write and memory corruption...
CVE-2014-3931
CVE-2014-3931 affects Multi-Router Looking Glass (MRLG); MRLG versions prior to 5.5.0 contain a buffer/memory handling vulnerability in fastping.c that can be triggered remotely without authentication, leading to an arbitrary memory write and memory corruption (potential RCE). Public references (...
CVE-2014-3931
fastping.c in MRLG aka Multi-Router Looking Glass before 5.5.0 allows remote attackers to cause an arbitrary memory write and memory corruption...
(Pwn2Own) Mozilla Firefox createImageBitmap Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
CVE-2017-6451
The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write...
CVE-2017-6451
The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write...
Out-of-bounds
The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write...
CVE-2017-6451
The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write...
CVE-2017-6451
The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write...
CVE-2017-6451
CVE-2017-6451 affects the NTP legacy MX4200 refclock. The mx4200_send function mishandles the return value of snprintf, enabling a local attacker to trigger an out-of-bounds write and potentially execute arbitrary code. Affected: NTP before 4.2.8p10 and 4.3.x before 4.3.94. Mitigation/remediation...
chromium-browser: multiple out of bounds writes in chunkdemuxer
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer...
Microsoft Scripting Engine Memory Corruption (MS17-007: CVE-2017-0032)
An integer overflow vulnerability exists in Microsoft Edge. The vulnerability is due to an error in Microsoft Edge while handling a specially crafted HTML file. Successful exploitation of this issue can lead to arbitrary memory write...
CVE-2017-5029
The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of...
CVE-2017-5037
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer...
UBUNTU-CVE-2017-5029
The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of...
CVE-2017-5037
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer...
CVE-2017-5503
The decclnpass function in libjasper/jpc/jpct1dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service invalid memory write and crash or possibly have unspecified other impact via a crafted image...
CVE-2017-5503
The decclnpass function in libjasper/jpc/jpct1dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service invalid memory write and crash or possibly have unspecified other impact via a crafted image...
CVE-2017-5503
CVE-2017-5503 affects JasPer library (JasPer 1.900.27) in the dec_clnpass path (libjasper/jpc/jpc_t1dec.c). A crafted image can trigger a denial of service via an invalid memory write, potentially with additional impact. Connected advisories confirm the same vulnerability across multiple vendor f...