Search Results (3375 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-21948 2 Anycubic, Chitubox 2 Chitubox, Chitubox Basic 2025-04-15 7.8 High
A heap-based buffer overflow vulnerability exists in the readDatHeadVec functionality of AnyCubic Chitubox AnyCubic Plugin 1.0.0. A specially-crafted GF file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2022-41639 2 Debian, Openimageio 2 Debian Linux, Openimageio 2025-04-15 9.8 Critical
A heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in OpenImageIO master-branch-9aeece7a and v2.3.19.0. A specially-crafted TIFF file can lead to an out of bounds memory corruption, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2022-41794 2 Debian, Openimageio 2 Debian Linux, Openimageio 2025-04-15 9.8 Critical
A heap based buffer overflow vulnerability exists in the PSD thumbnail resource parsing code of OpenImageIO 2.3.19.0. A specially-crafted PSD file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2022-41838 2 Debian, Openimageio 2 Debian Linux, Openimageio 2025-04-15 9.8 Critical
A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially-crafted .dds can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2022-43597 2 Debian, Openimageio 2 Debian Linux, Openimageio 2025-04-15 8.1 High
Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT8`.
CVE-2023-36417 1 Microsoft 2 Ole Db Driver For Sql Server, Sql Server 2025-04-14 7.8 High
Microsoft SQL OLE DB Remote Code Execution Vulnerability
CVE-2023-36577 1 Microsoft 11 Windows 10 1507, Windows 10 1809, Windows 10 21h1 and 8 more 2025-04-14 8.8 High
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-36598 1 Microsoft 11 Windows 10 1507, Windows 10 1809, Windows 10 21h1 and 8 more 2025-04-14 7.8 High
Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability
CVE-2023-36730 1 Microsoft 2 Odbc Driver For Sql Server, Sql Server 2025-04-14 7.8 High
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2022-43598 2 Debian, Openimageio 2 Debian Linux, Openimageio 2025-04-14 8.1 High
Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT16`.
CVE-2022-43599 2 Debian, Openimageio 2 Debian Linux, Openimageio 2025-04-14 8.1 High
Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `xmax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT8`
CVE-2022-43600 2 Debian, Openimageio 2 Debian Linux, Openimageio 2025-04-14 8.1 High
Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `xmax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT16`
CVE-2022-43601 2 Debian, Openimageio 2 Debian Linux, Openimageio 2025-04-14 8.1 High
Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `ymax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT16`
CVE-2022-43602 2 Debian, Openimageio 2 Debian Linux, Openimageio 2025-04-14 8.1 High
Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `ymax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT8`
CVE-2025-29479 2025-04-12 4.0 Medium
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2015-7499 7 Apple, Canonical, Debian and 4 more 17 Iphone Os, Mac Os X, Tvos and 14 more 2025-04-12 N/A
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
CVE-2016-4344 1 Php 1 Php 2025-04-12 9.8 Critical
Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long argument to the utf8_encode function, leading to a heap-based buffer overflow.
CVE-2015-8384 2 Pcre, Redhat 2 Perl Compatible Regular Expression Library, Rhel Software Collections 2025-04-12 N/A
PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8392 and CVE-2015-8395.
CVE-2015-7498 5 Canonical, Debian, Hp and 2 more 11 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 8 more 2025-04-12 N/A
Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.
CVE-2015-7552 2 Opensuse, Redhat 2 Opensuse, Enterprise Linux 2025-04-12 N/A
Heap-based buffer overflow in the gdk_pixbuf_flip function in gdk-pixbuf-scale.c in gdk-pixbuf 2.30.x allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted BMP file.