Search Results (3405 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-34819 1 Siemens 30 Simatic Cp 1242-7 V2, Simatic Cp 1242-7 V2 Firmware, Simatic Cp 1243-1 and 27 more 2025-04-21 10 Critical
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46). The application lacks proper validation of user-supplied data when parsing specific messages. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of device.
CVE-2022-2566 1 Ffmpeg 1 Ffmpeg 2025-04-21 9 Critical
A heap out-of-bounds memory write exists in FFMPEG since version 5.1. The size calculation in `build_open_gop_key_points()` goes through all entries in the loop and adds `sc->ctts_data[i].count` to `sc->sample_offsets_count`. This can lead to an integer overflow resulting in a small allocation with `av_calloc()`. An attacker can cause remote code execution via a malicious mp4 file. We recommend upgrading past commit c953baa084607dd1d84c3bfcce3cf6a87c3e6e05
CVE-2022-39136 1 Siemens 2 Jt2go, Teamcenter Visualization 2025-04-21 7.8 High
A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V13.3 (All versions >= V13.3.0.7 < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected application is vulnerable to fixed-length heap-based buffer while parsing specially crafted TIF files. An attacker could leverage this vulnerability to execute code in the context of the current process.
CVE-2016-2377 3 Canonical, Debian, Pidgin 3 Ubuntu Linux, Debian Linux, Pidgin 2025-04-20 N/A
A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent by the server could potentially result in an out-of-bounds write of one byte. A malicious server can send a negative content-length in response to a HTTP request triggering the vulnerability.
CVE-2017-9727 2 Artifex, Debian 2 Ghostscript Ghostxps, Debian Linux 2025-04-20 N/A
The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
CVE-2017-9726 2 Artifex, Debian 2 Ghostscript Ghostxps, Debian Linux 2025-04-20 N/A
The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
CVE-2017-9620 1 Artifex 1 Ghostscript Ghostxps 2025-04-20 N/A
The xps_select_font_encoding function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document, related to the xps_encode_font_char_imp function.
CVE-2017-9611 2 Artifex, Debian 2 Ghostscript, Debian Linux 2025-04-20 7.8 High
The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
CVE-2017-9610 1 Artifex 1 Ghostscript Ghostxps 2025-04-20 N/A
The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
CVE-2017-8786 1 Pcre 1 Pcre2 2025-04-20 N/A
pcre2test.c in PCRE2 10.23 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression.
CVE-2017-8105 2 Debian, Freetype 2 Debian Linux, Freetype 2025-04-20 N/A
FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.
CVE-2017-5577 1 Linux 1 Linux Kernel 2025-04-20 N/A
The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call.
CVE-2017-5563 1 Libtiff 1 Libtiff 2025-04-20 N/A
LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.
CVE-2017-5545 1 Libimobiledevice 1 Libplist 2025-04-20 N/A
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short.
CVE-2017-5511 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2025-04-20 9.8 Critical
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.
CVE-2017-5508 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.
CVE-2017-2818 1 Freedesktop 1 Poppler 2025-04-20 N/A
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability.
CVE-2017-2814 1 Freedesktop 1 Poppler 2025-04-20 N/A
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF file can be used to trigger this vulnerability.
CVE-2017-17504 3 Canonical, Debian, Imagemagick 3 Ubuntu Linux, Debian Linux, Imagemagick 2025-04-20 6.5 Medium
ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.
CVE-2017-17124 1 Gnu 1 Binutils 2025-04-20 N/A
The _bfd_coff_read_string_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service (excessive memory consumption, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted COFF binary.