Total
13458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4187 | 4 Canonical, Mozilla, Redhat and 1 more | 12 Ubuntu Linux, Firefox, Seamonkey and 9 more | 2025-04-11 | 9.3 HIGH | N/A |
|
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and assertion failure) via unspecified vectors.
|
|||||
| CVE-2011-1706 | 1 Novell | 1 Iprint | 2025-04-11 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted iprint-client-config-info parameter in a printer-url.
|
|||||
| CVE-2013-2801 | 1 Osisoft | 1 Pi Interface | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The OSIsoft PI Interface for IEEE C37.118 before 1.0.6.158 allows remote attackers to cause a denial of service (instance shutdown and data-collection outage) via crafted C37.118 configuration packets that trigger an invalid read operation.
|
|||||
| CVE-2010-4113 | 1 Hp | 1 Power Manager | 2025-04-11 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 allows remote attackers to execute arbitrary code via a long Login variable to the management web server.
|
|||||
| CVE-2010-1666 | 1 Dan Pascu | 1 Python-cjson | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Buffer overflow in Dan Pascu python-cjson 1.0.5, when UCS-4 encoding is enabled, allows context-dependent attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors involving crafted Unicode input to the cjson.encode function.
|
|||||
| CVE-2012-6303 | 2 Kth, Opensuse | 3 Snack Sound Toolkit, Wavesurfer, Opensuse | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Heap-based buffer overflow in the GetWavHeader function in generic/jkSoundFile.c in the Snack Sound Toolkit, as used in WaveSurfer 1.8.8p4, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large chunk size in a WAV file.
|
|||||
| CVE-2012-0177 | 1 Microsoft | 3 Office, Works, Works 6-9 File Converter | 2025-04-11 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in the Office Works File Converter in Microsoft Office 2007 SP2, Works 9, and Works 6-9 File Converter allows remote attackers to execute arbitrary code via a crafted Works (aka .wps) file, aka "Office WPS Converter Heap Overflow Vulnerability."
|
|||||
| CVE-2010-4596 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2025-04-11 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via a long string in an RTSP request.
|
|||||
| CVE-2013-2223 | 1 Wernerd | 1 Zrtpcpp | 2025-04-11 | 5.8 MEDIUM | N/A |
|
GNU ZRTPCPP before 3.2.0 allows remote attackers to obtain sensitive information (uninitialized heap memory) or cause a denial of service (out-of-bounds read) via a crafted packet, as demonstrated by a truncated Ping packet that is not properly handled by the getEpHash function.
|
|||||
| CVE-2010-2867 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 9.3 HIGH | N/A |
|
DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly handle a certain return value associated with the rcsL chunk in a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie, related to a "pointer offset vulnerability."
|
|||||
| CVE-2013-5018 | 2 Opensuse, Strongswan | 2 Opensuse, Strongswan | 2025-04-11 | 4.3 MEDIUM | N/A |
|
The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentation fault) via a (1) XAuth username, (2) EAP identity, or (3) PEM encoded file that starts with a 0x04, 0x30, or 0x31 character followed by an ASN.1 length value that triggers an integer overflow.
|
|||||
| CVE-2012-0275 | 1 Adobe | 2 Photoshop Cs5.5, Photoshop Cs6 | 2025-04-11 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in Photoshop.exe in Adobe Photoshop CS5 12.x before 12.0.5, CS5.1 12.1.x before 12.1.1, and CS6 13.x before 13.0.1 allows remote attackers to execute arbitrary code via a crafted TIFF image with SGI24LogLum compression.
|
|||||
| CVE-2010-0505 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 (JPEG2000) image, related to incorrect calculation and the CGImageReadGetBytesAtOffset function.
|
|||||
| CVE-2010-1465 | 1 Trellian | 1 Ftp | 2025-04-11 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Trellian FTP client 3.01, including 3.1.3.1789, allows remote attackers to execute arbitrary code via a long PASV response.
|
|||||
| CVE-2013-2794 | 1 Trianglemicroworks | 3 .net Communication Protocol Components, Ansi C Source Code Libraries, Scada Data Gateway | 2025-04-11 | 4.9 MEDIUM | N/A |
|
Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line.
|
|||||
| CVE-2010-3972 | 1 Microsoft | 1 Internet Information Services | 2025-04-11 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka "IIS FTP Service Heap Buffer Overrun Vulnerability." NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2013-0617 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-11 | 10.0 HIGH | N/A |
|
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, and CVE-2013-0621.
|
|||||
| CVE-2013-1588 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 2.9 LOW | N/A |
|
Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
|
|||||
| CVE-2011-2453 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2025-04-11 | 10.0 HIGH | N/A |
|
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.
|
|||||
| CVE-2012-6089 | 1 Swi-prolog | 1 Swi-prolog | 2025-04-11 | 7.5 HIGH | N/A |
|
Multiple stack-based buffer overflows in the canoniseFileName function in os/pl-os.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted filename.
|
|||||
| CVE-2012-0306 | 1 Symantec | 1 Ghost Solutions Suite | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Symantec Ghost Solution Suite 2.x through 2.5.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted backup file.
|
|||||
| CVE-2009-4962 | 1 Adammo | 1 Fat Player | 2025-04-11 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Fat Player 0.6b allows remote attackers to execute arbitrary code via a long string in a .wav file. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2011-2940 | 1 Stunnel | 1 Stunnel | 2025-04-11 | 9.3 HIGH | N/A |
|
stunnel 4.40 and 4.41 might allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
|
|||||
| CVE-2011-0247 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
|
Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie.
|
|||||
| CVE-2013-0270 | 1 Openstack | 1 Keystone | 2025-04-11 | 5.0 MEDIUM | N/A |
|
OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant_name when requesting a token.
|
|||||
| CVE-2011-0614 | 1 Adobe | 1 Audition | 2025-04-11 | 9.3 HIGH | N/A |
|
Buffer overflow in Adobe Audition 3.0.1 and earlier allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Audition Session (aka .ses) file.
|
|||||
| CVE-2013-3123 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | 9.3 HIGH | N/A |
|
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3111.
|
|||||
| CVE-2013-3852 | 1 Microsoft | 3 Office Compatibility Pack, Word, Word Viewer | 2025-04-11 | 9.3 HIGH | N/A |
|
Microsoft Word 2003 SP3, 2007 SP3, and 2010 SP1; Office Compatibility Pack SP3; and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
|
|||||
| CVE-2010-2211 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
|
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2212.
|
|||||
| CVE-2010-0917 | 1 Microsoft | 5 Internet Explorer, Windows 2000, Windows 2003 Server and 2 more | 2025-04-11 | 7.6 HIGH | N/A |
|
Stack-based buffer overflow in VBScript in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, might allow user-assisted remote attackers to execute arbitrary code via a long string in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution when the F1 key is pressed, a different vulnerability than CVE-2010-0483.
|
|||||
| CVE-2012-0409 | 1 Emc | 1 Autostart | 2025-04-11 | 7.5 HIGH | N/A |
|
Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.3 allow remote attackers to cause a denial of service (agent crash) or possibly execute arbitrary code via crafted packets.
|
|||||
| CVE-2012-6468 | 1 Opera | 1 Opera Browser | 2025-04-11 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in Opera before 12.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long HTTP response.
|
|||||
| CVE-2013-2808 | 1 Philips | 4 Xper Flex Cardio, Xper Information Management Physiomonitoring 5, Xper Information Management Vascular Monitoring 5 and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in Xper in Philips Xper Information Management Physiomonitoring 5 components, Xper Information Management Vascular Monitoring 5 components, and Xper Information Management servers and workstations for Flex Cardio products before XperConnect 1.5.4.053 SP2 allows remote attackers to execute arbitrary code via a crafted HTTP request to the Connect broker on TCP port 6000.
|
|||||
| CVE-2013-3352 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
|
Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3354 and CVE-2013-3355.
|
|||||
| CVE-2012-5468 | 1 Bogofilter Project | 1 Bogofilter | 2025-04-11 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in iconvert.c in the bogolexer component in Bogofilter before 1.2.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an email containing a base64 string that is decoded to incomplete multibyte characters.
|
|||||
| CVE-2012-2856 | 4 Apple, Google, Linux and 1 more | 5 Mac Os X, Chrome, Frame and 2 more | 2025-04-11 | 7.5 HIGH | N/A |
|
The PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations.
|
|||||
| CVE-2011-0341 | 2 Artifex, Mozilla | 2 Mupdf, Firefox | 2025-04-11 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the pdfmoz_onmouse function in apps/mozilla/moz_main.c in the MuPDF plug-in 2008.09.02 for Firefox allows remote attackers to execute arbitrary code via a crafted web site.
|
|||||
| CVE-2011-1525 | 1 Realnetworks | 1 Realplayer | 2025-04-11 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted frame in an Internet Video Recording (IVR) file.
|
|||||
| CVE-2010-1792 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
|
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression.
|
|||||
| CVE-2013-3334 | 8 Adobe, Apple, Google and 5 more | 14 Adobe Air, Adobe Air Sdk, Flash Player and 11 more | 2025-04-11 | 10.0 HIGH | N/A |
|
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, ...
Show More |
|||||