Main entries ~3674 :
Date ID Summary Products Score Patch Annotated
2018-04-06 CVE-2018-1000156 GNU patch is processd by ed. This allows arbitrary command executions through a line beginning with ! Ubuntu_linux, Debian_linux, Patch, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation 7.8
2018-06-08 CVE-2018-4222 There is an out-of-bounds read when compiling WebAssembly source buffers in WebKit. If the buffer is a view, the offset is added to the buffer twice before this is copied. This could allow memory off the heap to be read out of the source buffer, either though parsing exceptions or data sections when they are copied Icloud, Iphone_os, Itunes, Safari, Tvos, Watchos, Ubuntu_linux 8.8
2013-05-29 CVE-2002-2443 schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103. Kerberos N/A
2017-08-07 CVE-2006-3635 The ia64 subsystem in the Linux kernel before 2.6.26 allows local users to cause a denial of service (stack consumption and system crash) via a crafted application that leverages the mishandling of invalid Register Stack Engine (RSE) state. Linux_kernel 5.5
2010-04-12 CVE-2010-1152 memcached.c in memcached before 1.4.3 allows remote attackers to cause a denial of service (daemon hang or crash) via a long line that triggers excessive memory allocation. NOTE: some of these details are obtained from third party information. Memcached N/A
2010-02-25 CVE-2010-0011 The eval_js function in uzbl-core.c in Uzbl before 2010.01.05 exposes the run method of the Uzbl object, which allows remote attackers to execute arbitrary commands via JavaScript code. Uzbl N/A
2017-03-29 CVE-2009-5147 DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.1 before 2.1.8 opens libraries with tainted names. Ruby 7.3
Remaining NVD entries (unprocessed / no code available): ~125136 :
Date ID Summary Products Score Patch
2019-09-16 CVE-2019-16352 ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c. N/A N/A
2019-09-16 CVE-2019-16351 ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_decode_step() at huffman.c. N/A N/A
2019-09-16 CVE-2019-16350 ffjpeg before 2019-08-18 has a NULL pointer dereference in idct2d8x8() at dct.c. N/A N/A
2019-09-16 CVE-2019-16349 Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4_TrunAtom class. N/A N/A
2019-09-16 CVE-2019-16348 marc-q libwav through 2019-08-15 has a NULL pointer dereference in gain_file() at wav_gain.c. N/A N/A
2019-09-16 CVE-2019-16347 ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled. N/A N/A
2019-09-16 CVE-2019-16346 ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled. N/A N/A