Vulnerabilities (CVE)

Filtered by CWE-118
Total 14 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-6130 1 Artifex 1 Mupdf 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.
CVE-2018-7530 1 Omron 7 Cx-flnet, Cx-one, Cx-programmer and 4 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and prior, and Switch Box Utility versions 1.68 and prior, may allow the pointer to call an incorrect object resulting in an access of resource using incompatible type condition.
CVE-2017-5884 2 Fedoraproject, Gnome 2 Fedora, Gtk-vnc 2024-11-21 6.8 MEDIUM 7.8 HIGH
gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) hextile, or (3) copyrect tile.
CVE-2017-10872 1 Dena 1 H2o 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via unspecified vectors.
CVE-2017-0302 1 F5 1 Big-ip Access Policy Manager 2024-11-21 3.5 LOW 5.3 MEDIUM
In F5 BIG-IP APM 12.0.0 through 12.1.2 and 13.0.0, an authenticated user with an established access session to the BIG-IP APM system may be able to cause a traffic disruption if the length of the requested URL is less than 16 characters.
CVE-2016-10495 1 Qualcomm 2 Mdm9635m, Mdm9635m Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, made changes to map the scan type value to an index value that is in range.
CVE-2015-9142 1 Qualcomm 52 Mdm9645, Mdm9645 Firmware, Mdm9650 and 49 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9645, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, bounds check is missing for vtable index in DAL-TO-QDI conversion framework.
CVE-2015-2004 1 Gracenote 1 Gnsdk 2024-11-21 7.5 HIGH 9.8 CRITICAL
The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.
CVE-2015-2003 1 Pjsip 1 Pjsua2 Sdk 2024-11-21 7.5 HIGH 9.8 CRITICAL
The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.
CVE-2015-2002 1 Esri 1 Arcgisruntime Sdk 2024-11-21 7.5 HIGH 9.8 CRITICAL
The ESRI ArcGis Runtime SDK before 10.2.6-2 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.
CVE-2015-2001 1 Metaio 1 Metaio Sdk 2024-11-21 7.5 HIGH 9.8 CRITICAL
The MetaIO SDK before 6.0.2.1 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.
CVE-2015-2000 1 Jumio 1 Jumio Sdk 2024-11-21 7.5 HIGH 9.8 CRITICAL
The Jumio SDK before 1.5.0 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.
CVE-2014-9411 1 Google 1 Android 2024-11-21 10.0 HIGH 9.8 CRITICAL
In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in rollback protection.
CVE-2024-43524 1 Microsoft 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more 2024-10-17 N/A 6.8 MEDIUM
Windows Mobile Broadband Driver Remote Code Execution Vulnerability