Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2002-2404

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-01 Nov, 2007 | 17:00
Updated At-08 Aug, 2024 | 03:59
Rejected At-
Credits

Buffer overflow in IISPop email server 1.161 and 1.181 allows remote attackers to cause a denial of service (crash) via a long request to the POP3 port (TCP port 110).

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:01 Nov, 2007 | 17:00
Updated At:08 Aug, 2024 | 03:59
Rejected At:
â–¼CVE Numbering Authority (CNA)

Buffer overflow in IISPop email server 1.161 and 1.181 allows remote attackers to cause a denial of service (crash) via a long request to the POP3 port (TCP port 110).

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/6183
vdb-entry
x_refsource_BID
http://marc.info/?l=bugtraq&m=103729432602720&w=2
mailing-list
x_refsource_BUGTRAQ
http://www.iss.net/security_center/static/10632.php
vdb-entry
x_refsource_XF
Hyperlink: http://www.securityfocus.com/bid/6183
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://marc.info/?l=bugtraq&m=103729432602720&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.iss.net/security_center/static/10632.php
Resource:
vdb-entry
x_refsource_XF
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/6183
vdb-entry
x_refsource_BID
x_transferred
http://marc.info/?l=bugtraq&m=103729432602720&w=2
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.iss.net/security_center/static/10632.php
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.securityfocus.com/bid/6183
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=103729432602720&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.iss.net/security_center/static/10632.php
Resource:
vdb-entry
x_refsource_XF
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:31 Dec, 2002 | 05:00
Updated At:16 Apr, 2026 | 00:27

Buffer overflow in IISPop email server 1.161 and 1.181 allows remote attackers to cause a denial of service (crash) via a long request to the POP3 port (TCP port 110).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
curtis_specialty_consulting
curtis_specialty_consulting
>>iispop>>1.161
cpe:2.3:a:curtis_specialty_consulting:iispop:1.161:*:*:*:*:*:*:*
curtis_specialty_consulting
curtis_specialty_consulting
>>iispop>>1.181
cpe:2.3:a:curtis_specialty_consulting:iispop:1.181:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://marc.info/?l=bugtraq&m=103729432602720&w=2cve@mitre.org
N/A
http://www.iss.net/security_center/static/10632.phpcve@mitre.org
N/A
http://www.securityfocus.com/bid/6183cve@mitre.org
Exploit
http://marc.info/?l=bugtraq&m=103729432602720&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.iss.net/security_center/static/10632.phpaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/6183af854a3a-2127-422b-91ae-364da2661108
Exploit
Hyperlink: http://marc.info/?l=bugtraq&m=103729432602720&w=2
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.iss.net/security_center/static/10632.php
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/6183
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://marc.info/?l=bugtraq&m=103729432602720&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.iss.net/security_center/static/10632.php
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/6183
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit

Change History

0
Information is not available yet

Similar CVEs

642Records found
CVE-2014-9497
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.12% / 78.40%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in mpg123 before 1.18.0.

Action-Not Available
Vendor-mpg123n/a
Product-mpg123n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-25660
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.46% / 63.99%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 13:18
Updated-03 Aug, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_hmi_comfort_panels_22\"simatic_hmi_ktp_mobile_panels_ktp700fsimatic_hmi_ktp_mobile_panels_ktp900_firmwaresimatic_hmi_ktp_mobile_panels_ktp900fsimatic_hmi_ktp_mobile_panels_ktp400fsimatic_hmi_comfort_outdoor_panels_7\"simatic_hmi_ktp_mobile_panels_ktp700simatic_hmi_ktp_mobile_panels_ktp700f_firmwaresimatic_hmi_comfort_outdoor_panels_15\"_firmwaresimatic_hmi_ktp_mobile_panels_ktp900f_firmwaresimatic_hmi_ktp_mobile_panels_ktp400f_firmwaresimatic_hmi_comfort_panels_4\"simatic_hmi_comfort_panels_4\"_firmwaresimatic_hmi_ktp_mobile_panels_ktp900simatic_hmi_comfort_outdoor_panels_15\"simatic_hmi_comfort_outdoor_panels_7\"_firmwaresimatic_hmi_comfort_panels_22\"_firmwaresimatic_wincc_runtime_advancedsimatic_hmi_ktp_mobile_panels_ktp700_firmwareSIMATIC WinCC Runtime Advanced V16SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants)SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants)SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900FSIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F SIMATIC WinCC Runtime Advanced V15
CWE ID-CWE-788
Access of Memory Location After End of Buffer
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-0206
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-31.07% / 96.77%
||
7 Day CHG~0.00%
Published-09 Jan, 2015 | 02:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate records for the next epoch, leading to failure of replay detection.

Action-Not Available
Vendor-n/aOpenSSL
Product-openssln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9709
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-16.54% / 94.94%
||
7 Day CHG~0.00%
Published-30 Mar, 2015 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function.

Action-Not Available
Vendor-libgdn/aCanonical Ltd.openSUSEThe PHP GroupDebian GNU/Linux
Product-debian_linuxubuntu_linuxphplibgdopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9652
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-5.79% / 90.56%
||
7 Day CHG~0.00%
Published-30 Mar, 2015 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file.

Action-Not Available
Vendor-file_projectn/aThe PHP Group
Product-filephpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-8484
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.77% / 86.13%
||
7 Day CHG~0.00%
Published-09 Dec, 2014 | 22:52
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a small S-record.

Action-Not Available
Vendor-n/aCanonical Ltd.GNUFedora Project
Product-binutilsubuntu_linuxfedoran/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9140
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-5.51% / 90.29%
||
7 Day CHG~0.00%
Published-05 Dec, 2014 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-8123
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-1.02% / 77.33%
||
7 Day CHG~0.00%
Published-05 Dec, 2014 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the bGetPPS function in wordole.c in Antiword 0.37 allows remote attackers to cause a denial of service (crash) via a crafted document.

Action-Not Available
Vendor-antiword_projectn/a
Product-antiwordn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9203
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-5||MEDIUM
EPSS-0.76% / 73.42%
||
7 Day CHG~0.00%
Published-07 Feb, 2015 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the Field Device Tool (FDT) Frame application in the HART Device Type Manager (DTM) library, as used in MACTek Bullet DTM 1.00.0, GE Vector DTM 1.00.0, GE SVi1000 Positioner DTM 1.00.0, GE SVI II AP Positioner DTM 2.00.1, and GE 12400 Level Transmitter DTM 1.00.0, allows remote attackers to cause a denial of service (DTM outage) via crafted packets.

Action-Not Available
Vendor-gemactekn/a
Product-vector_device_type_managersvi_ii_ap_positioner_device_type_managerbullet_device_type_manager12400_level_transmitter_device_type_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-8397
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.40% / 61.05%
||
7 Day CHG~0.00%
Published-01 May, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 and an invalid write of size 1 during processing of a corrupt binary containing reloc(s) with negative addresses. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-8713
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.38% / 80.36%
||
7 Day CHG~0.00%
Published-23 Nov, 2014 | 02:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9449
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.26% / 79.50%
||
7 Day CHG~0.00%
Published-02 Jan, 2015 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service (crash) via a long IKEY INFO tag value in an AVI file.

Action-Not Available
Vendor-n/aFedora ProjectExiv2
Product-exiv2fedoran/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2026-3731
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.11% / 28.61%
||
7 Day CHG~0.00%
Published-08 Mar, 2026 | 10:32
Updated-12 Mar, 2026 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
libssh SFTP Extension Name sftp.c sftp_extensions_get_data out-of-bounds

A weakness has been identified in libssh up to 0.11.3. The impacted element is the function sftp_extensions_get_name/sftp_extensions_get_data of the file src/sftp.c of the component SFTP Extension Name Handler. Executing a manipulation of the argument idx can lead to out-of-bounds read. The attack may be performed from remote. Upgrading to version 0.11.4 and 0.12.0 is sufficient to resolve this issue. This patch is called 855a0853ad3abd4a6cd85ce06fce6d8d4c7a0b60. You should upgrade the affected component.

Action-Not Available
Vendor-libsshn/a
Product-libsshlibssh
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-14742
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.34%
||
7 Day CHG~0.00%
Published-29 Jul, 2018 | 18:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A SEGV can occur in set_field_one in bootstrap.c during a memcpy.

Action-Not Available
Vendor-pbc_projectn/a
Product-pbcn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-8738
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-8.00% / 92.13%
||
7 Day CHG~0.00%
Published-15 Jan, 2015 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (invalid write, segmentation fault, and crash) via a crafted extended name table in an archive.

Action-Not Available
Vendor-n/aCanonical Ltd.GNUDebian GNU/LinuxFedora Project
Product-binutilsdebian_linuxubuntu_linuxfedoran/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9116
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.52% / 87.70%
||
7 Day CHG~0.00%
Published-02 Dec, 2014 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function.

Action-Not Available
Vendor-mageiamuttn/aDebian GNU/LinuxSUSE
Product-debian_linuxlinux_enterprise_desktopmuttsuse_linux_enterprise_servermageian/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9319
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.53% / 67.51%
||
7 Day CHG~0.00%
Published-09 Dec, 2014 | 22:52
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ff_hevc_decode_nal_sps function in libavcodec/hevc_ps.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted .bit file.

Action-Not Available
Vendor-n/aFFmpeg
Product-ffmpegn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2001-1539
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-17.16% / 95.04%
||
7 Day CHG~0.00%
Published-14 Jul, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack consumption vulnerability in Internet Explorer The JavaScript settimeout function in Internet Explorer allows remote attackers to cause a denial of service (crash) via the JavaScript settimeout function. NOTE: the vendor could not reproduce the problem.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9050
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-6.89% / 91.44%
||
7 Day CHG~0.00%
Published-01 Dec, 2014 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.

Action-Not Available
Vendor-n/aClamAV
Product-clamavn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-9048
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.60% / 69.59%
||
7 Day CHG~0.00%
Published-18 May, 2017 | 06:13
Updated-18 Dec, 2025 | 12:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.

Action-Not Available
Vendor-n/alibxml2 (XMLSoft)
Product-libxml2n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-8964
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.06% / 84.01%
||
7 Day CHG~0.00%
Published-16 Dec, 2014 | 18:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.

Action-Not Available
Vendor-pcren/aMariaDB FoundationopenSUSEOracle CorporationRed Hat, Inc.Fedora Project
Product-enterprise_linux_euspcreenterprise_linux_serverenterprise_linux_workstationmariadbenterprise_linux_server_tusenterprise_linux_desktopsolarisenterprise_linux_server_ausfedoraopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-7947
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-5||MEDIUM
EPSS-1.44% / 80.81%
||
7 Day CHG~0.00%
Published-22 Jan, 2015 | 22:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenJPEG before r2944, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, pi.c, t1.c, t2.c, and tcd.c.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-13997
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 56.25%
||
7 Day CHG~0.00%
Published-12 Jul, 2018 | 12:00
Updated-05 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Genann through 2018-07-08 has a SEGV in genann_run in genann.c.

Action-Not Available
Vendor-codeplean/a
Product-genannn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-17295
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-5.3||MEDIUM
EPSS-0.16% / 36.70%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 16:00
Updated-05 Aug, 2024 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RP200 V500R002C00, V600R006C00, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, ViewPoint 9030 V100R011C02, V100R011C03, eSpace U1981 V200R003C20SPC900, V200R003C30SPC200 have a buffer overflow vulnerability. An unauthenticated, remote attacker may send specially crafted SIP packages to the affected products. Due to the insufficient validation of some values for SIP packages, successful exploit may cause services abnormal.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ar2200_firmwareusg9560_firmwareviewpoint_9030ips_modulear3200_firmwarear2200srg3300nip6300_firmwarete30netengine16exar120-s_firmwareusg9560svn5800-c_firmwarengfw_moduledp300ar200-sar120-sar510usg9520ar150-ssemg9811_firmwaresrg2300secospace_usg6500_firmwaresvn5800ar150_firmwareips_module_firmwaresecospace_usg6600_firmwarear3600ar3200semg9811dp300_firmwarear200-s_firmwaretp3106_firmwaresvn5600ar160_firmwarerp200usg9520_firmwareusg9580netengine16ex_firmwaresecospace_usg6600viewpoint_9030_firmwarear1200te30_firmwaresrg1300srg1300_firmwaresecospace_usg6300srg3300_firmwaresrg2300_firmwarete40ar1200-s_firmwareusg9500te50rse6500nip6600usg9580_firmwareespace_u1981_firmwarenip6800_firmwaretp3106espace_u1981ar160nip6300secospace_usg6500usg9500_firmwaresvn5800_firmwarear2200-stp3206tp3206_firmwaresvn5600_firmwarear510_firmwarear150-s_firmwarear1200-sar150ngfw_module_firmwarear1200_firmwarear200rp200_firmwarear3600_firmwarear2200-s_firmwarenip6800te40_firmwarerse6500_firmwarear200_firmwarenip6600_firmwaresvn5800-cte50_firmwaresecospace_usg6300_firmwareAR120-S,AR1200,AR1200-S,AR150,AR150-S,AR160,AR200,AR200-S,AR2200,AR2200-S,AR3200,AR3600,AR510,DP300,IPSModule,NGFWModule,NIP6300,NIP6600,NIP6800,NetEngine16EX,RP200,RSE6500,SRG1300,SRG2300,SRG3300,SVN5600,SVN5800,SVN5800-C,SeMG9811,SecospaceUSG6300,SecospaceUSG6500,SecospaceUSG6600,TE30,TE40,TE50,TE60,TP3106,TP3206,USG9500,USG9520,USG9560,USG9580,ViewPoint9030,eSpaceU1981
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-7943
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-5||MEDIUM
EPSS-1.47% / 81.02%
||
7 Day CHG~0.00%
Published-22 Jan, 2015 | 22:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Skia, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

Action-Not Available
Vendor-chromiumn/aCanonical Ltd.openSUSEGoogle LLCRed Hat, Inc.
Product-enterprise_linux_desktop_supplementaryenterprise_linux_server_supplementaryubuntu_linuxchromechromiumenterprise_linux_server_supplementary_eusenterprise_linux_workstation_supplementaryopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-20988
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-8.6||HIGH
EPSS-0.28% / 51.12%
||
7 Day CHG~0.00%
Published-13 May, 2021 | 13:45
Updated-16 Sep, 2024 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Hilscher rcX RTOS: Wrong handling of the UDP checksum

In Hilscher rcX RTOS versions prios to V2.1.14.1 the actual UDP packet length is not verified against the length indicated by the packet. This may lead to a denial of service of the affected device.

Action-Not Available
Vendor-pepperl-fuchshilscherPepperl+FuchsHilscher
Product-ice1-16di-g60l-v1d_firmwareice1-8iol-g30l-v1d_firmwareice1-8iol-g60l-v1dice1-16di-g60l-v1dice1-16dio-g60l-v1d_firmwareice1-16dio-g60l-v1dice1-8iol-g60l-v1d_firmwareice1-8iol-g30l-v1dice1-8di8do-g60l-v1d_firmwareice1-8iol-s2-g60l-v1drcx_rtosice1-8di8do-g60l-c1-v1d_firmwareice1-8di8do-g60l-c1-v1dice1-8iol-s2-g60l-v1d_firmwareice1-16dio-g60l-c1-v1d_firmwareice1-8di8do-g60l-v1dice1-16dio-g60l-c1-v1drcX RTOSEthernet IO Modules ICE1-8Ethernet IO Modules ICE1-16
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-8821
Matching Score-4
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-4
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-0.54% / 67.54%
||
7 Day CHG~0.00%
Published-03 Dec, 2017 | 07:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, an attacker can cause a denial of service (application hang) via crafted PEM input that signifies a public key requiring a password, which triggers an attempt by the OpenSSL library to ask the user for the password, aka TROVE-2017-011.

Action-Not Available
Vendor-tor_projectn/aDebian GNU/Linux
Product-tordebian_linuxTor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-7941
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-5||MEDIUM
EPSS-1.93% / 83.52%
||
7 Day CHG~0.00%
Published-22 Jan, 2015 | 22:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation in Google Chrome before 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted X11 data.

Action-Not Available
Vendor-chromiumn/aopenSUSERed Hat, Inc.Google LLC
Product-enterprise_linux_desktop_supplementaryenterprise_linux_server_supplementaryenterprise_linux_server_supplementary_euschromechromiumenterprise_linux_workstation_supplementaryopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-7944
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-5||MEDIUM
EPSS-1.44% / 80.81%
||
7 Day CHG~0.00%
Published-22 Jan, 2015 | 22:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sycc422_to_rgb function in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 40.0.2214.91, does not properly handle odd values of image width, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-7946
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-5||MEDIUM
EPSS-2.41% / 85.19%
||
7 Day CHG~0.00%
Published-22 Jan, 2015 | 22:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RenderTable::simplifiedNormalFlowLayout function in core/rendering/RenderTable.cpp in Blink, as used in Google Chrome before 40.0.2214.91, skips captions during table layout in certain situations, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors related to the Fonts implementation.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-20589
Matching Score-4
Assigner-Mitsubishi Electric Corporation
ShareView Details
Matching Score-4
Assigner-Mitsubishi Electric Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 55.53%
||
7 Day CHG~0.00%
Published-19 May, 2021 | 10:28
Updated-03 Aug, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer access with incorrect length value vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.38.000, GT25 model communication driver versions 01.19.000 through 01.38.000, GT23 model communication driver versions 01.19.000 through 01.38.000 and GT21 model communication driver versions 01.21.000 through 01.39.000, GOT SIMPLE series GS21 model communication driver versions 01.21.000 through 01.39.000, GT SoftGOT2000 versions 1.170C through 1.250L and Tension Controller LE7-40GU-L Screen package data for MODBUS/TCP V1.00 allows a remote unauthenticated attacker to stop the communication function of the products via specially crafted packets.

Action-Not Available
Vendor-n/aMitsubishi Electric Corporation
Product-gt_softgot2000_firmwaregt23_firmwaregt25gt21_firmwaregs21_firmwaregt25_firmwaregt27gs21gt27_firmwaregt23gt21gt_softgot2000GOT2000 series; GOT SIMPLE series; GT SoftGOT2000; Tension Controller
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-6428
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.86% / 75.20%
||
7 Day CHG~0.00%
Published-20 Sep, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_spdu function in epan/dissectors/packet-ses.c in the SES dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not initialize a certain ID value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-1510
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.91% / 75.97%
||
7 Day CHG~0.00%
Published-06 May, 2021 | 12:42
Updated-08 Nov, 2024 | 23:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_2000vedge_100_firmwarevedge_100mvedge_5000_firmwarevedge_1000_firmwarevedge_5000vedge_100wm_firmwarevedge_100b_firmwarevedge_2000_firmwarevedge_1000vedge_100bvedge_cloudvedge_100m_firmwarevedge_100vedge_cloud_firmwarevedge_100wmCisco SD-WAN vEdge router
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-6422
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.86% / 75.20%
||
7 Day CHG~0.00%
Published-20 Sep, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SDP dissector in Wireshark 1.10.x before 1.10.10 creates duplicate hashtables for a media channel, which allows remote attackers to cause a denial of service (application crash) via a crafted packet to the RTP dissector.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-17142
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-5.3||MEDIUM
EPSS-0.18% / 38.73%
||
7 Day CHG~0.00%
Published-05 Mar, 2018 | 19:00
Updated-16 Sep, 2024 | 22:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SIP module in Huawei DP300 V500R002C00; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; RSE6500 V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC300T; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC700; V500R002C00T; TE30 V100R001C10; V100R001C10SPC100; V100R001C10SPC200B010; V100R001C10SPC300; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700B010; V100R001C10SPC800; V500R002C00SPC200; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; TE40 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; TE50 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; TE60 V100R001C01SPC100; V100R001C01SPC107TB010; V100R001C10; V100R001C10SPC300; V100R001C10SPC400; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700; V100R001C10SPC800; V100R001C10SPC900; V500R002C00; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; V500R002C00SPCb00; V500R002C00SPCd00; V600R006C00; V600R006C00SPC100; V600R006C00SPC200; V600R006C00SPC300; TP3106 V100R002C00; V100R002C00SPC200; V100R002C00SPC400; V100R002C00SPC600; V100R002C00SPC700; V100R002C00SPC800; TP3206 V100R002C00; V100R002C00SPC200; V100R002C00SPC400; V100R002C00SPC600; V100R002C00SPC700; V100R002C10; ViewPoint 9030 V100R011C02SPC100; V100R011C03B012SP15; V100R011C03B012SP16; V100R011C03B015SP03; V100R011C03LGWL01SPC100; V100R011C03SPC100; V100R011C03SPC200; V100R011C03SPC300; V100R011C03SPC400; V100R011C03SPC500; eSpace U1960 V200R003C30SPC200; eSpace U1981 V100R001C20SPC700; V200R003C20SPCa00 has an overflow vulnerability that attacker can exploit by sending a specially crafted SIP message leading to a process reboot at random.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-viewpoint_9030viewpoint_9030_firmwarete30_firmwaretp3206tp3206_firmwarete60te40dp300_firmwarete30te50tp3106_firmwarerp200_firmwarerse6500espace_u1960_firmwareespace_u1981_firmwaredp300tp3106rp200te40_firmwarerse6500_firmwarete50_firmwareespace_u1960espace_u1981te60_firmwareDP300; RP200; RSE6500; TE30; TE40; TE50; TE60; TP3106; TP3206; ViewPoint 9030; eSpace U1960; eSpace U1981
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-5256
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.26% / 79.56%
||
7 Day CHG~0.00%
Published-05 Sep, 2014 | 17:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote attackers to cause a denial of service (memory corruption and application crash) via deep JSON objects whose parsing lets this interrupt mask an overflow of the program stack.

Action-Not Available
Vendor-n/aNode.js (OpenJS Foundation)
Product-nodejsn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2004-1992
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-11.38% / 93.61%
||
7 Day CHG~0.00%
Published-10 May, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Serv-U FTP server before 5.0.0.6 allows remote attackers to cause a denial of service (crash) via a long -l parameter, which triggers an out-of-bounds read.

Action-Not Available
Vendor-n/aSolarWinds Worldwide, LLC.
Product-serv-u_file_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-9001
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.58% / 69.05%
||
7 Day CHG+0.15%
Published-15 Aug, 2025 | 02:02
Updated-11 Sep, 2025 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
LemonOS HTTP Client main.cpp HTTPGet stack-based overflow

A vulnerability was determined in LemonOS up to nightly-2024-07-12 on LemonOS. Affected by this issue is the function HTTPGet of the file /Applications/Steal/main.cpp of the component HTTP Client. The manipulation of the argument chunkSize leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-lemonosn/a
Product-lemonosLemonOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-5461
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-10.63% / 93.34%
||
7 Day CHG-10.97%
Published-04 Sep, 2014 | 00:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.

Action-Not Available
Vendor-mageialuan/aCanonical Ltd.openSUSEDebian GNU/Linux
Product-debian_linuxubuntu_linuxmageialuaopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-5164
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.35% / 57.37%
||
7 Day CHG~0.00%
Published-01 Aug, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The rlc_decode_li function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.10.x before 1.10.9 initializes a certain structure member only after this member is used, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-0227
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-1.19% / 78.91%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 19:36
Updated-16 Sep, 2024 | 17:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: SRX Series: Denial of Service in J-Web upon receipt of crafted HTTP packets

An improper restriction of operations within the bounds of a memory buffer vulnerability in Juniper Networks Junos OS J-Web on SRX Series devices allows an attacker to cause Denial of Service (DoS) by sending certain crafted HTTP packets. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. When this issue occurs, web-management, NTP daemon (ntpd) and Layer 2 Control Protocol process (L2CPD) daemons might crash. This issue affects Juniper Networks Junos OS on SRX Series: 17.3 versions prior to 17.3R3-S9; 17.4 versions prior to 17.4R2-S11, 17.4R3-S2; 18.2 versions prior to 18.2R3-S5; 18.3 versions prior to 18.3R2-S4, 18.3R3-S3; 18.4 versions prior to 18.4R2-S5, 18.4R3-S4; 19.1 versions prior to 19.1R3-S2; 19.2 versions prior to 19.2R1-S5, 19.2R3; 19.3 versions prior to 19.3R3; 19.4 versions prior to 19.4R2-S1, 19.4R3; 20.1 versions prior to 20.1R1-S2, 20.1R2;

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-srx345srx5800srx110srx4200srx340srx4100srx220srx240srx3600srx5400srx1400srx100srx3400srx300srx550srx320srx5600junossrx650srx210srx4600srx1500Junos OS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-9106
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.56% / 68.48%
||
7 Day CHG~0.00%
Published-18 Jun, 2020 | 13:08
Updated-05 Aug, 2024 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in adns before 1.5.2. adns_rr_info mishandles a bogus *datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer. This is correct if the input is in the right range; if it isn't, the buffer may be overrun (depending on the sizes of the types on the current platform). Of course the inputs ought to be right. And there are pointers in there too, so perhaps one could say that the caller ought to check these things. It may be better to require the caller to make the pointer structure right, but to have the code here be defensive about (and tolerate with an error but without crashing) out-of-range integer values. So: it should defend each of these integer conversion sites with a check for the actual permitted range, and return adns_s_invaliddata if not. The lack of this check causes the SOA sign extension bug to be a serious security problem: the sign extended SOA value is out of range, and overruns the buffer when reconverted. This is related to sign extending SOA 32-bit integer fields, and use of a signed data type.

Action-Not Available
Vendor-n/aGNUFedora Project
Product-fedoraadnsn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-5163
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.74% / 73.01%
||
7 Day CHG~0.00%
Published-01 Aug, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The APN decode functionality in (1) epan/dissectors/packet-gtp.c and (2) epan/dissectors/packet-gsm_a_gm.c in the GTP and GSM Management dissectors in Wireshark 1.10.x before 1.10.9 does not completely initialize a certain buffer, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-4342
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-8.14% / 92.21%
||
7 Day CHG~0.00%
Published-20 Jul, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.

Action-Not Available
Vendor-n/aRed Hat, Inc.Debian GNU/LinuxMIT (Massachusetts Institute of Technology)
Product-debian_linuxenterprise_linux_workstationenterprise_linux_serverkerberos_5enterprise_linux_desktopkerberosenterprise_linux_hpc_noden/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-3488
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-0.87% / 75.26%
||
7 Day CHG~0.00%
Published-31 Jul, 2014 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.

Action-Not Available
Vendor-n/aThe Netty Project
Product-nettyn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-3696
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-2.14% / 84.30%
||
7 Day CHG~0.00%
Published-29 Oct, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a crafted server message that triggers a large memory allocation.

Action-Not Available
Vendor-n/aPidgin
Product-pidginn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-3478
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-25.34% / 96.24%
||
7 Day CHG~0.00%
Published-09 Jul, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion.

Action-Not Available
Vendor-christos_zoulasn/aThe PHP Group
Product-filephpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-10664
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.60% / 69.73%
||
7 Day CHG~0.00%
Published-26 Jun, 2018 | 18:00
Updated-05 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption.

Action-Not Available
Vendor-axisn/a
Product-p1204_firmwarem1103m1145_firmwarep3915-r_firmwarep3343q1932-e_pt_mountq7411_firmwarexp40-q1942q8414-lvsp3363-veq8655-zle_firmwareq1604-e_firmwareq8685-leq8742-le_zoomp1357-e_firmwarem3105-lve_firmwarep1125-zp1425-le_firmwareq1635_firmwarem1013q7424-r_mk_ii_firmwareq1931-e_pt_mount_firmwareq7401_firmwarecompanion_c360c2005_firmwarep1214-ep5514-e_firmwarep1428-ep3228-lveq1775_firmwareq1604p1346-e_firmwarecompanion_eye_lp1405-em1124q1765-le_pt_mount_firmwarep1364q1647p1344-eq7401q3504-vp3114-zq6045-s_mk_iip3365-vm1033-w_firmwarep5515-eq1941-eq8685-exp60-q1765p1346-eq1602_firmwarep3215-ve_firmwareq6052q8642-e_firmwarem3104-lm3005-vq6045-s_mk_ii_firmwarep3354q1635-zq1614-eq1942-e_pt_mountq6054-e_firmwarem3203-v_firmwarep3301-v_firmwarep3225-v_mk_iip3364-lvp3705-zp1405-leq8721-e_firmwarea8004-v_firmwarep1354_firmwareq6044-em1125-em3106-l_mk_ii_firmwarem3007-pq6045_mk_ii_firmwarexp60-q1765_firmwarep3224-v_mk_iim1025_firmwarem3006-v_firmwarep1224-e_firmwarep1344p3224-lve_firmwareq6032-ea8105-ep1254q1602-ep1126-zlp1425-lep1353q1615-e_mk_ii_firmwareq6045-c_mk_iim1054p1343-ep1346_firmwareq3505-sve_mk_iim3204q1910-ep7216_firmwareq1755_firmwarem3105-l_firmwarep1425-le_mk_ii_firmwarep3707-pe_firmwareq6054_mk_ii_firmwarem3106-lve_mk_ii_firmwarep5532-eq1602q6042-cp3375-vea8105-e_firmwarecompanion_cube_lq1931-e_pt_mountp3225-lve_mk_iip3364-ve_firmwareq2901-e_firmwarep3375-ve_firmwarep1245q1755q3617-ve_firmwarem1054_firmwarep3364-vep5624-e_firmwarem3044-wvp5512-eq6115-e_firmwarep3374-v_firmwareq2901-e_pt_mountp8514_firmwarep3904-r_mk_ii_firmwarem3106-lve_mk_iip3301_firmwarep3344-vcompanion_dome_wvq6114-em1103_firmwarep3344-v_firmwareq3615-vem3114-r_firmwarep5512m1045-lw_firmwareq7414_bladep3224-v_mk_ii_firmwarep3343-vq6035q7436_bladem1125m3016a8004-vq1765-le_firmwareq3505-v_mk_iiq6054-e_mk_ii_firmwareq8741-ep3344-vep3363-v_firmwarep1405-le_mk_iiq6042companion_recorder_4chq8742-e_zoom_firmwarecompanion_bullet_le_firmwarem3046-vp1344-e_firmwarep3344_firmwareq1922q1615-e_firmwarep3374-lv_firmwarep1254_firmwareq1604_firmwareq1614-e_firmwarep3346-vq6055-cp5624-e_mk_iiq6055p3375-lv_firmwareq7436_blade_firmwarep3215-vv5915_firmwareq6042-c_firmwarep1405-le_mk_ii_firmwarem3045-vm3047-p_firmwarem1145m1113-e_firmwarep1355-e_firmwarea9161p3227-lveq6045_mk_iif34_main_unitp5512_firmwarem5065_firmwareq1615-e_mk_iim3044-vp3227-lv_firmwarep3343-ve_firmwarep3365-vecompanion_dome_v_firmwarem3048-p_firmwarep3375-lve_firmwarem3026-veq2901-e_pt_mount_firmwarem1144-lq8722-e_firmwarem5014-v_firmwarem5014q1765-le_pt_mountq8742-em3048-pm3204-v_firmwarep1357-em3106-lvep3905-req1605-zp1125-z_firmwareq6124-e_firmwarep3346p3215-veq6044q1932-eq3709-pved2050-ve_firmwareq3517-lvem1144-l_firmwarem3114-ve_firmwarep5515m2025-le_firmwareq8721-eq7424-rp1435-em3015_firmwarep3225-lv_mk_iixf40-q1765m3106-l_firmwareq6044-sq8631-ep3228-lvp3315-zlq7404_firmwarep1343-e_firmwarep5532xp40-q1765_firmwareq6045-e_firmwarep1343p1365-eq6000-exf60-q2901_firmwarev5914_firmwaref44_dual_audio_inputm3044-v_firmwarep1365-e_mk_iiq3708-pvep3363-ve_firmwarep1280p1353-e_firmwarep1265_firmwarem3106-lp1447-le_firmwarep1290p5532-e_firmwarep7224_blade_firmwareq6055-ecompanion_eye_lve_firmwareq8414-lvs_firmwareq1775-em5014_firmwarem1034-wp1354m2026-le_mk_ii_firmwarem7011_firmwareq6055-e_firmwarem3104-lvep3905-re_firmwareq6045-cxf40-q1765_firmwarep1347-em1114-e_firmwareq6055-c_firmwareq8742-e_firmwarem2014-e_firmwarep3224-lve_mk_iip5534m7016_firmwareq6042-e_firmwarec3003-e_firmwareq6055-sm3026-ve_firmwareq6128-e_firmwarep1405-le_firmwareq7406_bladep3227-lvp7214_firmwarep5534-ep5635-eq8722-eq6045-e_mk_ii_firmwarep3375-v_firmwarec3003-em3024-lveq1910-e_firmwarecompanion_eye_l_firmwarep3346-vep3915-rp1347_firmwarem5055q6044-cc8033p1365-e_firmwarep3314-zl_firmwarep8513_firmwareq3505-v_firmwarep3214-v_firmwarep3224-ve_mk_ii_firmwareq6054_mk_iip3114-z_firmwarem3045-wv_firmwarep5514_firmwareq1910_firmwarem3113-ve_firmwarep8524m3045-v_firmwarep1344_firmwareq6054_firmwarep3905-r_firmwarecompanion_dome_vq6054-eq8675-ze_firmwarep3344-ve_firmwarem1004-wq8741-le_firmwarep3706-z_firmwarev5915p1224-ep1365_firmwareq6044-s_firmwarep3304q6034_firmwareq3505-vecompanion_cube_l_firmwarem3007-pv_firmwarep3224-lv_firmwareq6032-cm3204-vp3364-lvep3705-z_firmwarem2014-ep3367-vep1275p1405-e_firmwaref44_main_unit_firmwareq3505-ve_firmwareq8632-e_firmwarem7010m3203p3125-z_firmwarep1264_firmwarep1365_mk_iip3228-lv_firmwareq1615-ep1448-leq6045_firmwarep1365q8742-le_firmwarem1125_firmwarem2026-le_mk_iim3114-rp3125-zq8742-le_zoom_firmwarem3037-pveq6044_firmwarem7011q6034-ep3374-lvp1427-e_firmwarep3115-z_firmwarep5635-zem1113_firmwarep3707-pep3314-zm3045-wvq3505-v_mk_ii_firmwarecompanion_cube_lw_firmwarep1435-lep5534-e_firmwarem1013_firmwareq1602-e_firmwareq6034-c_firmwarep1355-ep3225-ve_mk_iip5415-e_firmwarep1325-zq1922-eq6042-ep3364-lv_firmwarep3224-lveq6055_firmwarem3105-lp5515-e_firmwareq1605-z_firmwareq7414_blade_firmwarep3904-r_mk_iip1126-z_firmwareq8675-zeq6052-ecompanion_recorder_4ch_firmwarep1214p3301m3105-lveq1922-e_firmwarep3214-ve_firmwarep5515_firmwarexf40-q2901xf40-q2901_firmwarea9188f41_main_unit_firmwareq6044-c_firmwarep1364-eq1645p3384-ve_firmwarem1104q6054-e_mk_iip3706-zp5635-e_mk_ii_firmwarep3363-vq6035-e_firmwarep5522_firmwareq3615-ve_firmwarep1425-le_mk_iiq6032q7424-r_firmwareq8665-e_firmwareq6032_firmwarep1126-zl_firmwarem1065-lp1214-e_firmwarep1427-le_firmwarep5544_firmwarep3905-r_mk_ii_firmwarem2026-lep3374-vd201-s_xpt_q6055_firmwarem3027-pvep3315-zm3007-p_firmwarem5065m1143-l_firmwareq2901-ef44_main_unitq8741-lep3384-vq3505-vq6032-c_firmwarep3343-veq6125-le_firmwarep3904-r_firmwarep5635-e_firmwarep3367-ve_firmwareq1931-eq8665-lecompanion_bullet_lep1427-lep1126-zq1942-e_firmwareq1635-ep3375-lvep1427-ea9188-v_firmwarep3225-lv_firmwarep3905-r_mk_iiq6035-em3024-lve_firmwarep3114-i_firmwareq6000-e_mk_iip1357q6042-s_firmwareq8742-e_zoomm1125-e_firmwarep1353-ep3364-v_firmwarep1428-e_firmwarep5635-e_mk_iiq3517-lvq8641-ep3365-ve_firmwarep5544q1615_firmwareq1932-e_pt_mount_firmwarem1113-em3203_firmwarec1004-ep5414-ep5522q1635q6032-e_firmwareq3504-ve_firmwareq8685-le_firmwarem1025q7406_blade_firmwareq6045-c_firmwarem3016_firmwareq1614m1113companion_eye_lveq1615m2025-lep1354-e_firmwarep3214-vem1124_firmwarep3115-i_firmwarem3113-rq1921-e_firmwarem1034-w_firmwarep1347p1264q6044-e_firmwarem1033-wq1604-ep1365-e_mk_ii_firmwarep3346-ve_firmwarep3375-lvq1659p3228-lve_firmwareq1775p1325-z_firmwarep1448-le_firmwarec1004-e_firmwarem3044-wv_firmwareq1645_firmwarep3314-zlq6035-cp3225-ve_mk_ii_firmwarep7224_bladem1114a9188-vq1635-z_firmwareq6035-c_firmwareq3505-ve_mk_ii_firmwarep1347-e_firmwaref41_main_unitm3046-v_1.8mmm3203-vp1280_firmwarem3046-v_firmwareq6128-eq8665-eq1941-e_pt_mountm3046-v_1.8mm_firmwareq8741-e_firmwarev5914f34_main_unit_firmwarep5522-em3106-l_mk_iip5414-e_firmwarep1367_firmwarep1245_firmwarep3367-v_firmwareq1941-e_firmwarep1357_firmwarep5415-eq3515-lvp8513m1114-eq1922_firmwarep3225-lve_mk_ii_firmwarep3224-lvp1265q3504-v_firmwarem1104_firmwarefa54_main_unit_firmwarep3301-vxf60-q2901q6045-sm3014_firmwarep3353_firmwarep1244_firmwarem3027-pve_firmwarem5013q1615_mk_iim3014d201-s_xpt_q6055p5635-ze_firmwareq7424-r_mk_iip3384-veq6045-e_mk_iiq8641-e_firmwarem3005-v_firmwareq8631-e_firmwarem3114-vep1354-ep3224-lve_mk_ii_firmwarep3315-z_firmwareq3709-pve_firmwarep5624-e_mk_ii_firmwareq3505-ve_mk_iim1145-l_firmwarec2005p3224-lv_mk_ii_firmwareq6045-s_firmwarep5514p3904-rq1615_mk_ii_firmwarem1004-w_firmwarem5525-e_firmwarep3225-lv_mk_ii_firmwareq3505-sve_mk_ii_firmwareq6115-eq1755-e_firmwareq6052-e_firmwarep3225-lveq1921p1214_firmwarecompanion_recorder_8ch_firmwarem5054p3115-zp8524_firmwarem5013-vm1143-lm7010_firmwarem1145-lp5624-ep3915-r_mk_ii_firmwarem7014_firmwareq1921_firmwareq1921-em3007-pvm3104-lve_firmwareq6124-ep3375-vxp40-q1765m1045-lwp3215-v_firmwarep3225-v_mk_ii_firmwarep1343_firmwareq1910q6045-ecompanion_recorder_8chm3047-pm3104-l_firmwarep1355p3915-r_mk_iip5512-e_firmwarem5055_firmwareq6042-scompanion_cube_lwm3004-vp1435-le_firmwaref44_dual_audio_input_firmwarem5525-ep3224-ve_mk_iip1367-eq6045-c_mk_ii_firmwareq1635-e_firmwareq1931-e_firmwareq3517-lve_firmwarep3346-v_firmwarea1001q6042_firmwareq6000-e_mk_ii_firmwarep1364-e_firmwarea1001_firmwarep3353q3504-veq3515-lv_firmwareq1775-e_firmwarep1368-ep7210_firmwareq8742-lem5054_firmwarep7210p1367companion_c360_firmwareq6155-e_firmwarem3004-v_firmwareq6034-cq3515-lvefa54_main_unitm5013_firmwareq3617-veq6125-lep3343_firmwarep3364-vq6034m2026-le_firmwareq8642-em3113-r_firmwareq6155-ep3905-rm1065-lwm3015p1365_mk_ii_firmwarep1447-lep3115-iq1942-e_pt_mount_firmwareq7404m3204_firmwarep1353_firmwarep1125-zl_firmwarem3106-lve_firmwarep1290_firmwarem3037-pve_firmwarep3365-v_firmwarep1244p5522-e_firmwareq3517-lv_firmwareq8655-zlep3314-z_firmwarep5514-em1014_firmwarep3384-v_firmwareq1614_firmwarep7216m7016q6035_firmwarecompanion_dome_wv_firmwarem5013-v_firmwarep3364-lve_firmwareq1932-e_firmwarem3025-ve_firmwarep7214q1647_firmwarexp40-q1942_firmwarep1368-e_firmwarem1065-l_firmwarep8514m3113-vep3304-vp1367-e_firmwarep3354_firmwarem1124-e_firmwareq1941-e_pt_mount_firmwareq6114-e_firmwarec8033_firmwarem1065-lw_firmwarep1435-e_firmwareq6034-e_firmwareq1942-ep3214-vp3225-lve_firmwarep1125-zlq8685-e_firmwarep1346p3343-v_firmwareq8632-eq6045p3227-lve_firmwareq3708-pve_firmwarep1275_firmwarem3025-vep1425-e_firmwareq6052_firmwareq6055-s_firmwarep3224-lv_mk_iip3304_firmwareq6054m1114_firmwareq1765-leq7411p3114-id2050-veq1659_firmwarep1425-em5014-vq1755-em3006-vp3225-lvq6000-e_firmwarep1364_firmwarep3304-v_firmwarem1014a9161_firmwarem1124-ep5532_firmwareq8665-le_firmwarem7014p3367-vp1204p5534_firmwarep3344p1355_firmwareq3515-lve_firmwarea9188_firmwarep3346_firmwarep3315-zl_firmwaren/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-3583
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-41.81% / 97.45%
||
7 Day CHG~0.00%
Published-15 Dec, 2014 | 17:27
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers.

Action-Not Available
Vendor-n/aCanonical Ltd.Apple Inc.The Apache Software Foundation
Product-os_x_serverubuntu_linuxmac_os_xhttp_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-7227
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.44% / 63.25%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while processing a bogus input script, leading to a program crash. This relates to lack of '\0' termination of a name field in ldlex.l.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 12
  • 13
  • Next
Details not found