Total
13458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3654 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-04-11 | 10.0 HIGH | N/A |
|
The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle links from SVG mpath elements to non-SVG elements, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2011-0589 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
|
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0563 and CVE-2011-0606.
|
|||||
| CVE-2011-0900 | 1 Erick Woods | 1 Terminal Server Client | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Stack-based buffer overflow in the tsc_launch_remote function (src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a .RDP file with a long hostname argument.
|
|||||
| CVE-2012-1891 | 1 Microsoft | 7 Data Access Components, Windows 7, Windows Data Access Components and 4 more | 2025-04-11 | 9.3 HIGH | 9.8 CRITICAL |
|
Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access Components (WDAC) 6.0 allows remote attackers to execute arbitrary code via crafted XML data that triggers access to an uninitialized object in memory, aka "ADO Cachesize Heap Overflow RCE Vulnerability."
|
|||||
| CVE-2012-0762 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 10.0 HIGH | N/A |
|
The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, CVE-2012-0761, CVE-2012-0763, CVE-2012-0764, and CVE-2012-0766.
|
|||||
| CVE-2013-1015 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
|
Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TeXML file.
|
|||||
| CVE-2013-0402 | 1 Oracle | 3 Javafx, Jdk, Jre | 2025-04-11 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via unspecified vectors related to JavaFX, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.
|
|||||
| CVE-2010-5140 | 1 Bitcoin | 2 Bitcoin Core, Wxbitcoin | 2025-04-11 | 5.0 MEDIUM | N/A |
|
wxBitcoin and bitcoind before 0.3.13 do not properly handle bitcoins associated with Bitcoin transactions that have zero confirmations, which allows remote attackers to cause a denial of service (invalid-transaction flood) by sending low-valued transactions without transaction fees.
|
|||||
| CVE-2012-1141 | 2 Freetype, Mozilla | 2 Freetype, Firefox Mobile | 2025-04-11 | 9.3 HIGH | N/A |
|
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font.
|
|||||
| CVE-2010-3791 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file.
|
|||||
| CVE-2013-5197 | 1 Apple | 5 Iphone Os, Itunes, Safari and 2 more | 2025-04-11 | 6.8 MEDIUM | N/A |
|
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.
|
|||||
| CVE-2012-0227 | 2 Componentone, Opcsystems | 2 Flexgrid, Opcsystems.net | 2025-04-11 | 9.3 HIGH | N/A |
|
Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method.
|
|||||
| CVE-2010-3786 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | 6.8 MEDIUM | N/A |
|
QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Excel file.
|
|||||
| CVE-2012-1545 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-11 | 5.8 MEDIUM | N/A |
|
Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, allows remote attackers to bypass Protected Mode or cause a denial of service (memory corruption) by leveraging access to a Low integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.
|
|||||
| CVE-2010-2880 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 9.3 HIGH | N/A |
|
DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x47 of a certain file.
|
|||||
| CVE-2012-0672 | 1 Apple | 1 Iphone Os | 2025-04-11 | 6.8 MEDIUM | N/A |
|
WebKit in Apple iOS before 5.1.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
|
|||||
| CVE-2012-5240 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 5.8 MEDIUM | N/A |
|
Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed packet.
|
|||||
| CVE-2013-4079 | 2 Opensuse, Wireshark | 2 Opensuse, Wireshark | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet.
|
|||||
| CVE-2013-0723 | 1 Kingsoft | 1 Spreadsheets 2012 | 2025-04-11 | 9.3 HIGH | N/A |
|
Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsheets 2012 8.1.0.3030 allow remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a crafted spreadsheet file.
|
|||||
| CVE-2010-2489 | 2 Microsoft, Ruby-lang | 2 Windows, Ruby | 2025-04-11 | 7.2 HIGH | N/A |
|
Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow local users to gain privileges via a crafted ARGF.inplace_mode value that is not properly handled when constructing the filenames of the backup files.
|
|||||
| CVE-2013-5419 | 1 Ibm | 1 Aix | 2025-04-11 | 6.9 MEDIUM | N/A |
|
Multiple buffer overflows in (1) mkque and (2) mkquedev in bos.rte.printers in IBM AIX 6.1 and 7.1 allow local users to gain privileges by leveraging printq group membership.
|
|||||
| CVE-2011-0152 | 2 Apple, Microsoft | 6 Itunes, Webkit, Windows and 3 more | 2025-04-11 | 7.6 HIGH | N/A |
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
|
|||||
| CVE-2010-5081 | 1 Mini-stream | 1 Rm-mp3 Converter | 2025-04-11 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Mini-Stream RM-MP3 Converter 3.1.2.1 allows remote attackers to execute arbitrary code via a long URL in a .pls file.
|
|||||
| CVE-2011-1552 | 3 Foolabs, Glyphandcog, T1lib | 3 Xpdf, Xpdfreader, T1lib | 2025-04-11 | 4.3 MEDIUM | N/A |
|
t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a different vulnerability than CVE-2011-0764.
|
|||||
| CVE-2013-1884 | 1 Apache | 1 Subversion | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (segmentation fault and crash) via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable.
|
|||||
| CVE-2010-3253 | 1 Google | 1 Chrome | 2025-04-11 | 10.0 HIGH | N/A |
|
The implementation of notification permissions in Google Chrome before 6.0.472.53 allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
|
|||||
| CVE-2010-2209 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
|
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212.
|
|||||
| CVE-2011-2435 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-11 | 9.3 HIGH | N/A |
|
Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2011-0155 | 2 Apple, Microsoft | 6 Itunes, Webkit, Windows and 3 more | 2025-04-11 | 7.6 HIGH | N/A |
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
|
|||||
| CVE-2011-2735 | 1 Emc | 1 Autostart | 2025-04-11 | 7.9 HIGH | N/A |
|
Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.1 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted message over TCP.
|
|||||
| CVE-2012-0698 | 1 Trustedcomputinggroup | 1 Trousers | 2025-04-11 | 5.0 MEDIUM | N/A |
|
tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a denial of service (daemon crash) via a crafted type_offset value in a TCP packet to port 30003.
|
|||||
| CVE-2012-1776 | 1 Videolan | 1 Vlc Media Player | 2025-04-11 | 9.3 HIGH | N/A |
|
Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real RTSP stream.
|
|||||
| CVE-2013-6935 | 1 Videocharge | 1 Watermark Master | 2025-04-11 | 9.3 HIGH | N/A |
|
Buffer overflow in VideoCharge Software Watermark Master 2.2.23 allows remote attackers to execute arbitrary code via a long string in the SourcePath value in a .wcf file.
|
|||||
| CVE-2011-1730 | 1 Hp | 1 Openview Storage Data Protector | 2025-04-11 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_SCRIPT message.
|
|||||
| CVE-2010-1554 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.
|
|||||
| CVE-2011-0054 | 1 Mozilla | 2 Firefox, Seamonkey | 2025-04-11 | 10.0 HIGH | N/A |
|
Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving non-local JavaScript variables, aka an "upvarMap" issue.
|
|||||
| CVE-2012-3655 | 1 Apple | 1 Safari | 2025-04-11 | 9.3 HIGH | N/A |
|
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
|
|||||
| CVE-2010-3396 | 1 Kingsoft | 1 Kingsoft Antivirus | 2025-04-11 | 7.2 HIGH | N/A |
|
Buffer overflow in kavfm.sys in Kingsoft Antivirus 2010.04.26.648 and earlier allows local users to execute arbitrary code via a long argument to IOCTL 0x80030004. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2010-2481 | 1 Libtiff | 1 Libtiff | 2025-04-11 | 4.3 MEDIUM | N/A |
|
The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file.
|
|||||
| CVE-2011-2778 | 1 Tor | 1 Tor | 2025-04-11 | 7.6 HIGH | N/A |
|
Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by (1) establishing a SOCKS connection to SocksPort or (2) leveraging a SOCKS proxy configuration.
|
|||||