Vulnerabilities (CVE)

Filtered by CWE-787
Total 12288 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-0987 3 Adobe, Apple, Microsoft 3 Shockwave Player, Macos, Windows 2025-04-11 9.3 HIGH 8.8 HIGH
Heap-based buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allow remote attackers to execute arbitrary code via crafted embedded fonts in a Shockwave file.
CVE-2012-3403 1 Gimp 1 Gimp 2025-04-11 6.8 MEDIUM N/A
Heap-based buffer overflow in the KiSS CEL file format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted KiSS palette file, which triggers an "invalid free."
CVE-2009-4134 1 Python 1 Python 2025-04-11 5.0 MEDIUM N/A
Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service (application crash) via a large ZSIZE value in a black-and-white (aka B/W) RGB image that triggers an invalid pointer dereference.
CVE-2013-4156 1 Apache 1 Openoffice 2025-04-11 6.8 MEDIUM N/A
Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file.
CVE-2011-4372 3 Adobe, Apple, Microsoft 4 Acrobat, Reader, Macos and 1 more 2025-04-11 7.5 HIGH 9.8 CRITICAL
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373.
CVE-2010-4743 2 Fedoraproject, Moinejf 2 Fedora, Abcm2ps 2025-04-11 6.8 MEDIUM N/A
Heap-based buffer overflow in the getarena function in abc2ps.c in abcm2ps before 5.9.13 might allow remote attackers to execute arbitrary code via a crafted ABC file, a different vulnerability than CVE-2010-3441. NOTE: some of these details are obtained from third party information.
CVE-2013-3163 1 Microsoft 9 Internet Explorer, Windows 7, Windows 8 and 6 more 2025-04-11 9.3 HIGH 8.8 HIGH
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3144 and CVE-2013-3151.
CVE-2010-1281 3 Adobe, Apple, Microsoft 3 Shockwave Player, Macos, Windows 2025-04-11 9.3 HIGH 8.8 HIGH
iml32.dll in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file.
CVE-2011-4315 3 F5, Fedoraproject, Suse 5 Nginx, Fedora, Studio and 2 more 2025-04-11 6.8 MEDIUM N/A
Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
CVE-2011-1180 1 Linux 1 Linux Kernel 2025-04-11 7.5 HIGH 9.8 CRITICAL
Multiple stack-based buffer overflows in the iriap_getvaluebyclass_indication function in net/irda/iriap.c in the Linux kernel before 2.6.39 allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging connectivity to an IrDA infrared network and sending a large integer value for a (1) name length or (2) attribute length.
CVE-2011-1302 1 Google 1 Chrome 2025-04-11 9.3 HIGH N/A
Heap-based buffer overflow in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2023-36824 2 Fedoraproject, Redis 2 Fedora, Redis 2025-04-10 N/A 7.4 HIGH
Redis is an in-memory database that persists on disk. In Redit 7.0 prior to 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Several scenarios that may lead to authenticated users executing a specially crafted `COMMAND GETKEYS` or `COMMAND GETKEYSANDFLAGS`and authenticated users who were set with ACL rules that match key names, executing a specially crafted command that refers to a variadic list of key names. The vulnerability is patched in Redis 7.0.12.
CVE-2022-40661 1 Nikon 1 Nis-elements Viewer 2025-04-10 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15134.
CVE-2023-34095 1 Openprinting 1 Cpdb-libs 2025-04-10 N/A 9.8 CRITICAL
cpdb-libs provides frontend and backend libraries for the Common Printing Dialog Backends (CPDB) project. In versions 1.0 through 2.0b4, cpdb-libs is vulnerable to buffer overflows via improper use of `scanf(3)`. cpdb-libs uses the `fscanf()` and `scanf()` functions to parse command lines and configuration files, dropping the read string components into fixed-length buffers, but does not limit the length of the strings to be read by `fscanf()` and `scanf()` causing buffer overflows when a string is longer than 1023 characters. A patch for this issue is available at commit f181bd1f14757c2ae0f17cc76dc20421a40f30b7. As all buffers have a length of 1024 characters, the patch limits the maximum string length to be read to 1023 by replacing all occurrences of `%s` with `%1023s` in all calls of the `fscanf()` and `scanf()` functions.
CVE-2023-45591 1 Ailux 1 Imx6 2025-04-10 N/A 7.5 HIGH
A CWE-122 “Heap-based Buffer Overflow” vulnerability in the “logger_generic” function of the “Ax_rtu” binary allows a remote authenticated attacker to trigger a memory corruption in the context of the binary. This may result in a Denial-of-Service (DoS) condition, possibly in the execution of arbitrary code with the same privileges of the process (root), or have other unspecified impacts on the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
CVE-2025-1163 1 Code-projects 1 Vehicle Parking Management System 2025-04-10 4.3 MEDIUM 5.3 MEDIUM
A vulnerability classified as critical was found in code-projects Vehicle Parking Management System 1.0. This vulnerability affects the function login of the component Authentication. The manipulation of the argument username leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
CVE-2024-28877 1 Microdicom 1 Dicom Viewer 2025-04-10 N/A 8.8 HIGH
MicroDicom DICOM Viewer is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code on affected installations of DICOM Viewer. User interaction is required to exploit this vulnerability.
CVE-2025-22225 1 Vmware 4 Cloud Foundation, Esxi, Telco Cloud Infrastructure and 1 more 2025-04-10 N/A 8.2 HIGH
VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.
CVE-2022-47118 1 Tenda 2 A15, A15 Firmware 2025-04-10 N/A 9.8 CRITICAL
Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepkey1 parameter at /goform/WifiBasicSet.
CVE-2022-32635 2 Google, Mediatek 49 Android, Mt6580, Mt6735 and 46 more 2025-04-10 N/A 7.8 HIGH
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573237; Issue ID: ALPS07573237.