CWE-189
1242 CVEs classified under CWE-189. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2015-8396 | Critical | 10.0 | 2016-01-12 | Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before… |
| CVE-2016-10490 | Critical | 9.8 | 2018-04-18 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM962… |
| CVE-2016-10714 | Critical | 9.8 | 2018-02-27 | In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters. |
| CVE-2016-9961 | Critical | 9.8 | 2017-06-06 | game-music-emu before 0.6.1 mishandles unspecified integer values. |
| CVE-2016-10145 | Critical | 9.8 | 2017-03-24 | Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy. |
| CVE-2016-3645 | Critical | 9.8 | 2016-06-30 | Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SD… |
| CVE-2014-9766 | Critical | 9.8 | 2016-04-13 | Integer overflow in the create_bits function in pixman-bits-image.c in Pixman before 0.32.6 allows remote attackers to cause a denial of service (application c… |
| CVE-2016-1946 | Critical | 9.8 | 2016-01-31 | The MoofParser::Metadata function in binding/MoofParser.cpp in libstagefright in Mozilla Firefox before 44.0 does not limit the size of read operations, which… |
| CVE-2016-0859 | Critical | 9.8 | 2016-01-15 | Integer overflow in the Kernel service in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (stack-… |
| CVE-2011-2013 | Critical | 9.8 | 2011-11-08 | Integer overflow in the TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote… |
| CVE-2007-1383 | Critical | 9.8 | 2007-03-10 | Integer overflow in the 16 bit variable reference counter in PHP 4 allows context-dependent attackers to execute arbitrary code by overflowing this counter, wh… |
| CVE-2016-6223 | Critical | 9.1 | 2017-01-23 | The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in libtiff before 4.0.7 allows remote attackers to cause a denial of service (crash) or poss… |
| CVE-2015-8776 | Critical | 9.1 | 2016-04-19 | The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash)… |
| CVE-2015-8540 | High | 8.8 | 2016-04-14 | Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1… |
| CVE-2016-1968 | High | 8.8 | 2016-03-13 | Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, allows remote attackers to execute arbitrary code or cause a denial of service (buffer ove… |
| CVE-2015-8664 | High | 8.8 | 2015-12-24 | Integer overflow in the WebCursor::Deserialize function in content/common/cursors/webcursor.cc in Google Chrome before 47.0.2526.106 allows remote attackers to… |
| CVE-2013-0006 | High | 8.8 | 2013-01-09 | Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a cr… |
| CVE-2011-0663 | High | 8.8 | 2011-04-13 | Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute ar… |
| CVE-2015-5259 | High | 8.6 | 2016-01-08 | Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x before 1.9.3 allows remote attackers to execute arbitrary co… |
| CVE-2016-2463 | High | 8.4 | 2016-06-13 | Multiple integer overflows in the h264dec component in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6… |