CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (Memory Corruption)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1751 CVE-2016-3280 119 Exec Code Overflow Mem. Corr. 2016-07-12 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
1752 CVE-2016-3278 119 Exec Code Overflow Mem. Corr. 2016-07-12 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Outlook 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
1753 CVE-2016-3269 119 DoS Exec Code Overflow Mem. Corr. 2016-07-12 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3265.
1754 CVE-2016-3265 119 DoS Exec Code Overflow Mem. Corr. 2016-07-12 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3269.
1755 CVE-2016-3264 119 DoS Exec Code Overflow Mem. Corr. 2016-07-12 2018-10-12
7.6
None Remote High Not required Complete Complete Complete
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
1756 CVE-2016-3260 119 DoS Exec Code Overflow Mem. Corr. 2016-07-12 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
1757 CVE-2016-3259 119 DoS Exec Code Overflow Mem. Corr. 2016-07-12 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3248.
1758 CVE-2016-3248 119 DoS Exec Code Overflow Mem. Corr. 2016-07-12 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3259.
1759 CVE-2016-3247 DoS Exec Code Mem. Corr. 2016-09-14 2018-10-12
5.1
None Remote High Not required Partial Partial Partial
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
1760 CVE-2016-3246 119 DoS Exec Code Overflow Mem. Corr. 2016-07-12 2018-10-12
7.6
None Remote High Not required Complete Complete Complete
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
1761 CVE-2016-3243 119 DoS Exec Code Overflow Mem. Corr. 2016-07-12 2018-10-12
7.6
None Remote High Not required Complete Complete Complete
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
1762 CVE-2016-3242 119 DoS Exec Code Overflow Mem. Corr. 2016-07-12 2018-10-12
7.6
None Remote High Not required Complete Complete Complete
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3240 and CVE-2016-3241.
1763 CVE-2016-3241 119 DoS Exec Code Overflow Mem. Corr. 2016-07-12 2018-10-12
7.6
None Remote High Not required Complete Complete Complete
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3240 and CVE-2016-3242.
1764 CVE-2016-3240 119 DoS Exec Code Overflow Mem. Corr. 2016-07-12 2018-10-12
7.6
None Remote High Not required Complete Complete Complete
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3241 and CVE-2016-3242.
1765 CVE-2016-3233 119 Exec Code Overflow Mem. Corr. 2016-06-15 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
1766 CVE-2016-3228 20 Exec Code Mem. Corr. 2016-06-15 2019-05-08
9.0
None Remote Low Single system Complete Complete Complete
Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows Server 2012 Gold and R2 allow remote authenticated users to execute arbitrary code via a crafted NetLogon request, aka "Windows Netlogon Memory Corruption Remote Code Execution Vulnerability."
1767 CVE-2016-3222 119 DoS Exec Code Overflow Mem. Corr. 2016-06-15 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
1768 CVE-2016-3214 119 DoS Exec Code Overflow Mem. Corr. 2016-06-15 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3199.
1769 CVE-2016-3211 119 DoS Exec Code Overflow Mem. Corr. 2016-06-15 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0199 and CVE-2016-0200.
1770 CVE-2016-3210 119 DoS Exec Code Overflow Mem. Corr. 2016-06-15 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
The Microsoft (1) JScript and (2) VBScript engines, as used in Internet Explorer 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
1771 CVE-2016-3207 20 DoS Exec Code Mem. Corr. 2016-06-15 2018-10-12
7.6
None Remote High Not required Complete Complete Complete
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3205 and CVE-2016-3206.
1772 CVE-2016-3206 20 DoS Exec Code Mem. Corr. 2016-06-15 2018-10-12
7.6
None Remote High Not required Complete Complete Complete
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3205 and CVE-2016-3207.
1773 CVE-2016-3205 20 DoS Exec Code Mem. Corr. 2016-06-15 2018-10-12
7.6
None Remote High Not required Complete Complete Complete
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3206 and CVE-2016-3207.
1774 CVE-2016-3204 119 DoS Exec Code Overflow Mem. Corr. 2016-07-12 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
1775 CVE-2016-3202 20 DoS Exec Code Mem. Corr. 2016-06-15 2018-10-12
7.6
None Remote High Not required Complete Complete Complete
The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
1776 CVE-2016-3199 119 DoS Exec Code Overflow Mem. Corr. 2016-06-15 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3214.
1777 CVE-2016-3141 119 DoS Overflow Mem. Corr. 2016-03-31 2018-01-04
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by triggering a wddx_deserialize call on XML data containing a crafted var element.
1778 CVE-2016-3135 189 DoS Overflow +Priv Mem. Corr. 2016-04-27 2017-09-07
7.2
None Local Low Not required Complete Complete Complete
Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.
1779 CVE-2016-3134 119 DoS Overflow +Priv Mem. Corr. 2016-04-27 2018-01-04
7.2
None Local Low Not required Complete Complete Complete
The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.
1780 CVE-2016-3076 119 DoS Overflow Mem. Corr. 2017-04-24 2017-04-28
4.3
None Remote Medium Not required None None Partial
Heap-based buffer overflow in the j2k_encode_entry function in Pillow 2.5.0 through 3.1.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted Jpeg2000 file.
1781 CVE-2016-3062 119 DoS Exec Code Overflow Mem. Corr. 2016-06-16 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.
1782 CVE-2016-2858 119 DoS Overflow Mem. Corr. 2016-04-07 2018-12-01
1.9
None Local Medium Not required None None Partial
QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest OS users to cause a denial of service (process crash) via an entropy request, which triggers arbitrary stack based allocation and memory corruption.
1783 CVE-2016-2851 119 DoS Exec Code Overflow Mem. Corr. 2016-04-07 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow.
1784 CVE-2016-2836 119 DoS Exec Code Overflow Mem. Corr. 2016-08-04 2017-08-15
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to Http2Session::Shutdown and SpdySession31::Shutdown, and other vectors.
1785 CVE-2016-2835 DoS Exec Code Mem. Corr. 2016-08-04 2017-08-15
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
1786 CVE-2016-2834 DoS Mem. Corr. 2016-06-13 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
1787 CVE-2016-2821 DoS Exec Code Mem. Corr. 2016-06-13 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering deletion of DOM elements that were created in the editor.
1788 CVE-2016-2818 119 DoS Exec Code Overflow Mem. Corr. 2016-06-13 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
1789 CVE-2016-2815 119 DoS Exec Code Overflow Mem. Corr. 2016-06-13 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
1790 CVE-2016-2807 119 DoS Exec Code Overflow Mem. Corr. 2016-04-30 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
1791 CVE-2016-2806 119 DoS Exec Code Overflow Mem. Corr. 2016-04-30 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
1792 CVE-2016-2805 119 DoS Exec Code Overflow Mem. Corr. 2016-04-30 2017-06-30
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the browser engine in Mozilla Firefox ESR 38.x before 38.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
1793 CVE-2016-2804 119 DoS Exec Code Overflow Mem. Corr. 2016-04-30 2017-06-30
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
1794 CVE-2016-2563 119 DoS Exec Code Overflow Mem. Corr. 2016-04-07 2016-12-02
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request.
1795 CVE-2016-2541 119 DoS Overflow Mem. Corr. 2018-02-07 2018-02-26
4.3
None Remote Medium Not required None None Partial
Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP2 file.
1796 CVE-2016-2540 119 DoS Overflow Mem. Corr. 2018-02-07 2018-02-26
4.3
None Remote Medium Not required None None Partial
Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted FORMATCHUNK structure.
1797 CVE-2016-2508 119 DoS Exec Code Overflow Mem. Corr. 2016-07-10 2016-07-12
9.3
None Remote Medium Not required Complete Complete Complete
media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not validate certain track data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28799341.
1798 CVE-2016-2507 119 DoS Exec Code Overflow Mem. Corr. 2016-07-10 2016-07-12
9.3
None Remote Medium Not required Complete Complete Complete
Integer overflow in codecs/on2/h264dec/source/h264bsd_storage.c in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28532266.
1799 CVE-2016-2506 119 DoS Exec Code Overflow Mem. Corr. 2016-07-10 2016-07-11
10.0
None Remote Low Not required Complete Complete Complete
DRMExtractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not validate a certain offset value, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28175045.
1800 CVE-2016-2505 119 DoS Exec Code Overflow Mem. Corr. 2016-07-10 2016-07-12
9.3
None Remote Medium Not required Complete Complete Complete
mpeg2ts/ATSParser.cpp in libstagefright in mediaserver in Android 6.x before 2016-07-01 does not validate a certain section length, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28333006.
Total number of vulnerabilities : 5303   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 (This Page)37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.