The MoofParser::Metadata function in binding/MoofParser.cpp in libstagefright in Mozilla Firefox before 44.0 does not limit the size of read operations, which might allow remote attackers to cause a denial of service (integer overflow and buffer overflow) or possibly have unspecified other impact via crafted metadata.
Max CVSS
10.0
EPSS Score
3.86%
Published
2016-01-31
Updated
2018-10-30
The Buffer11::NativeBuffer11::map function in ANGLE, as used in Mozilla Firefox before 44.0, might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Max CVSS
10.0
EPSS Score
3.14%
Published
2016-01-31
Updated
2018-10-30
Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content.
Max CVSS
9.3
EPSS Score
0.63%
Published
2016-01-31
Updated
2019-12-27
Integer overflow in the image-deinterlacing functionality in Mozilla Firefox before 44.0 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted GIF image.
Max CVSS
6.5
EPSS Score
2.99%
Published
2016-01-31
Updated
2018-10-30
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to uninitialized memory encountered during brotli data compression, and other vectors.
Max CVSS
10.0
EPSS Score
3.88%
Published
2016-01-31
Updated
2018-10-30
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Max CVSS
10.0
EPSS Score
0.75%
Published
2016-01-31
Updated
2019-12-27
Buffer overflow in the XS engine (hdbxsengine) in SAP HANA allows remote attackers to cause a denial of service or execute arbitrary code via a crafted HTTP request, related to JSON, aka SAP Security Note 2241978.
Max CVSS
9.8
EPSS Score
1.65%
Published
2016-01-20
Updated
2018-12-10
The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
Max CVSS
6.5
EPSS Score
1.11%
Published
2016-01-27
Updated
2020-09-09
Heap-based buffer overflow in the opj_j2k_update_image_data function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
Max CVSS
6.5
EPSS Score
0.64%
Published
2016-01-27
Updated
2020-09-09
The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.
Max CVSS
5.3
EPSS Score
2.12%
Published
2016-01-19
Updated
2022-12-13
Multiple integer overflows in ext/standard/exec.c in PHP 7.x before 7.0.2 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a long string to the (1) php_escape_shell_cmd or (2) php_escape_shell_arg function, leading to a heap-based buffer overflow.
Max CVSS
7.5
EPSS Score
0.96%
Published
2016-01-19
Updated
2016-12-07
The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a large bgd_color argument to the imagerotate function.
Max CVSS
9.1
EPSS Score
8.85%
Published
2016-01-19
Updated
2018-01-05
Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow.
Max CVSS
9.8
EPSS Score
2.88%
Published
2016-01-20
Updated
2016-12-07
The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
Max CVSS
6.5
EPSS Score
1.11%
Published
2016-01-20
Updated
2018-01-05
Multiple integer overflows in the (1) sycc422_to_rgb and (2) sycc444_to_rgb functions in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted PDF document.
Max CVSS
7.6
EPSS Score
1.92%
Published
2016-01-25
Updated
2016-12-07
The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
Max CVSS
9.8
EPSS Score
1.61%
Published
2016-01-03
Updated
2022-07-20
Buffer overflow in the CL_vsprintf function in Takumi Yamada DX Library before 3.16 allows remote attackers to execute arbitrary code via a crafted string.
Max CVSS
7.8
EPSS Score
3.79%
Published
2016-01-08
Updated
2016-01-08
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, and CVE-2016-0945.
Max CVSS
10.0
EPSS Score
1.59%
Published
2016-01-14
Updated
2016-12-07
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, and CVE-2016-0946.
Max CVSS
10.0
EPSS Score
1.59%
Published
2016-01-14
Updated
2016-12-07
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0945, and CVE-2016-0946.
Max CVSS
10.0
EPSS Score
1.59%
Published
2016-01-14
Updated
2016-12-07
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.
Max CVSS
10.0
EPSS Score
1.59%
Published
2016-01-14
Updated
2016-12-07
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.
Max CVSS
8.8
EPSS Score
2.76%
Published
2016-01-14
Updated
2016-12-07
The AcroForm plugin in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.
Max CVSS
9.3
EPSS Score
2.76%
Published
2016-01-14
Updated
2016-12-07
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JPEG 2000 data, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.
Max CVSS
9.3
EPSS Score
4.04%
Published
2016-01-14
Updated
2016-12-07
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.
Max CVSS
10.0
EPSS Score
1.94%
Published
2016-01-14
Updated
2016-12-07
83 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!