Total
13458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-2266 | 1 Isc | 1 Bind | 2025-04-11 | 7.8 HIGH | N/A |
|
libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
|
|||||
| CVE-2011-4191 | 1 Novell | 1 Netware | 2025-04-11 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via long packets.
|
|||||
| CVE-2011-1336 | 1 Estsoft | 1 Alzip | 2025-04-11 | 9.3 HIGH | N/A |
|
Buffer overflow in ALZip 8.21 and earlier allows remote attackers to execute arbitrary code via a crafted mim file.
|
|||||
| CVE-2011-4040 | 1 Njstar | 1 Njstar Communicator | 2025-04-11 | 10.0 HIGH | N/A |
|
Buffer overflow in MiniSmtp 3.0.11818 in NJStar Communicator allows remote attackers to execute arbitrary code via a crafted packet.
|
|||||
| CVE-2012-3401 | 1 Libtiff | 1 Libtiff | 2025-04-11 | 6.8 MEDIUM | N/A |
|
The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.
|
|||||
| CVE-2011-5162 | 1 Gomlab | 1 Gom Player | 2025-04-11 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in GOM Player 2.1.33.5071 allows user-assisted remote attackers to execute arbitrary code via a .ASX file with a long URI in the "ref href" tag. NOTE: this issue exists because of a CVE-2007-0707 regression.
|
|||||
| CVE-2011-2111 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 9.3 HIGH | N/A |
|
IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2115 and CVE-2011-2116.
|
|||||
| CVE-2013-0988 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
|
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FPX file.
|
|||||
| CVE-2013-2875 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
core/rendering/svg/SVGInlineTextBox.cpp in the SVG implementation in Blink, as used in Google Chrome before 28.0.1500.71, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2013-6699 | 1 Cisco | 1 Wireless Lan Controller | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a crafted CAPWAP packet that triggers a buffer over-read, aka Bug ID CSCuh81880.
|
|||||
| CVE-2012-4894 | 1 Google | 1 Sketchup | 2025-04-11 | 9.3 HIGH | N/A |
|
Google SketchUp before 8.0.14346 (aka 8 Maintenance 3) allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SKP file.
|
|||||
| CVE-2011-5089 | 1 Iconics | 2 Bizviz, Genesis32 | 2025-04-11 | 10.0 HIGH | N/A |
|
Buffer overflow in the Security Login ActiveX controls in ICONICS GENESIS32 8.05, 9.0, 9.1, and 9.2 and BizViz 8.05, 9.0, 9.1, and 9.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long password.
|
|||||
| CVE-2011-2951 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2025-04-11 | 9.3 HIGH | N/A |
|
Buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.0.0.1569 allows remote attackers to execute arbitrary code via a crafted raw_data_frame field in an AAC file.
|
|||||
| CVE-2010-4230 | 2 Camtron, Tecvoz | 4 Cmnc-200, Cmnc-200 Firmware, Cmnc-200 and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in a certain ActiveX control for the Camtron CMNC-200 Full HD IP Camera and TecVoz CMNC-200 Megapixel IP Camera with firmware 1.102A-008 allows remote attackers to execute arbitrary code via a long string in the first argument to the connect method.
|
|||||
| CVE-2010-2739 | 1 Microsoft | 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | 7.2 HIGH | N/A |
|
Buffer overflow in the CreateDIBPalette function in win32k.sys in Microsoft Windows XP SP3, Server 2003 R2 Enterprise SP2, Vista Business SP1, Windows 7, and Server 2008 SP2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by performing a clipboard operation (GetClipboardData API function) with a crafted bitmap with a palette that contains a large number of colors.
|
|||||
| CVE-2011-0045 | 1 Microsoft | 1 Windows Xp | 2025-04-11 | 7.2 HIGH | N/A |
|
The Trace Events functionality in the kernel in Microsoft Windows XP SP3 does not properly perform type conversion, which causes integer truncation and insufficient memory allocation and triggers a buffer overflow, which allows local users to gain privileges via a crafted application, related to WmiTraceMessageVa, aka "Windows Kernel Integer Truncation Vulnerability."
|
|||||
| CVE-2012-6470 | 1 Opera | 1 Opera Browser | 2025-04-11 | 9.3 HIGH | N/A |
|
Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a malformed image.
|
|||||
| CVE-2012-0202 | 1 Ibm | 1 Cognos Tm1 | 2025-04-11 | 10.0 HIGH | N/A |
|
Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x and 9.5.x before 9.5.2 FP2 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted data.
|
|||||
| CVE-2011-5124 | 1 Bluecoat | 2 Proxyone, Proxysg | 2025-04-11 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG 4.2.3 through 6.1 and ProxyOne, allows remote attackers to execute arbitrary code via a large packet to the synchronization port (16102/tcp).
|
|||||
| CVE-2011-0146 | 2 Apple, Microsoft | 6 Itunes, Webkit, Windows and 3 more | 2025-04-11 | 7.6 HIGH | N/A |
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
|
|||||
| CVE-2011-2127 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 9.3 HIGH | N/A |
|
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2124, and CVE-2011-2128.
|
|||||
| CVE-2011-5165 | 1 Cleanersoft | 1 Free Mp3 Cd Ripper | 2025-04-11 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Free MP3 CD Ripper 1.1, 2.6 and earlier, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .wav file.
|
|||||
| CVE-2010-2063 | 3 Canonical, Debian, Samba | 3 Ubuntu Linux, Debian Linux, Samba | 2025-04-11 | 7.5 HIGH | N/A |
|
Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.
|
|||||
| CVE-2011-0104 | 1 Microsoft | 3 Excel, Office, Open Xml File Format Converter | 2025-04-11 | 9.3 HIGH | N/A |
|
Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HLink record in an Excel file, aka "Excel Buffer Overwrite Vulnerability."
|
|||||
| CVE-2012-4709 | 1 Invensys | 1 Wonderware Intouch | 2025-04-11 | 6.9 MEDIUM | N/A |
|
Invensys Wonderware InTouch HMI 2012 R2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
|
|||||
| CVE-2012-1904 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2025-04-11 | 4.3 MEDIUM | N/A |
|
mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP4 file.
|
|||||
| CVE-2011-3491 | 1 Progea | 1 Movicon Powerhmi | 2025-04-11 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative Content-Length field.
|
|||||
| CVE-2012-1144 | 2 Freetype, Mozilla | 2 Freetype, Firefox Mobile | 2025-04-11 | 9.3 HIGH | N/A |
|
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
|
|||||
| CVE-2011-0310 | 1 Ibm | 1 Websphere Mq | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Buffer overflow in IBM WebSphere MQ 7.0 before 7.0.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted header field in a message.
|
|||||
| CVE-2010-1665 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
|
Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.
|
|||||
| CVE-2012-5958 | 1 Libupnp Project | 1 Libupnp | 2025-04-11 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction.
|
|||||
| CVE-2013-0872 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 10.0 HIGH | N/A |
|
The swr_init function in libswresample/swresample.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid or unsupported (1) input or (2) output channel layout, related to an out-of-bounds array access.
|
|||||
| CVE-2012-3678 | 1 Apple | 1 Safari | 2025-04-11 | 9.3 HIGH | N/A |
|
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
|
|||||
| CVE-2010-2210 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
|
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2211, and CVE-2010-2212.
|
|||||
| CVE-2010-4695 | 3 Catb, Debian, Redhat | 3 Gif2png, Linux, Fedora | 2025-04-11 | 5.0 MEDIUM | N/A |
|
A certain Fedora patch for gif2png.c in gif2png 2.5.1 and 2.5.2, as distributed in gif2png-2.5.1-1200.fc12 on Fedora 12 and gif2png_2.5.2-1 on Debian GNU/Linux, truncates a GIF pathname specified on the command line, which might allow remote attackers to create PNG files in unintended directories via a crafted command-line argument, as demonstrated by a CGI program that launches gif2png, a different vulnerability than CVE-2009-5018.
|
|||||
| CVE-2012-3940 | 1 Cisco | 1 Webex Recording Format Player | 2025-04-11 | 9.3 HIGH | N/A |
|
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72958.
|
|||||
| CVE-2011-1563 | 1 Realflex | 1 Realwin | 2025-04-11 | 10.0 HIGH | N/A |
|
Multiple stack-based buffer overflows in the HMI application in DATAC RealFlex RealWin 2.1 (Build 6.1.10.10) and earlier allow remote attackers to execute arbitrary code via (1) a long username in an On_FC_CONNECT_FCS_LOGIN packet, and crafted (2) On_FC_CTAGLIST_FCS_CADDTAG, (3) On_FC_CTAGLIST_FCS_CDELTAG, (4) On_FC_CTAGLIST_FCS_ADDTAGMS, (5) On_FC_RFUSER_FCS_LOGIN, (6) unspecified "On_FC_BINFILE_FCS_*FILE", (7) On_FC_CGETTAG_FCS_GETTELEMETRY, (8) On_FC_CGETTAG_FCS_GETCHANNELTELEMETRY, (9) On_FC ...
Show More |
|||||
| CVE-2013-2718 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-11 | 10.0 HIGH | N/A |
|
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.
|
|||||
| CVE-2012-3936 | 1 Cisco | 1 Webex Recording Format Player | 2025-04-11 | 9.3 HIGH | N/A |
|
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCua40962.
|
|||||
| CVE-2012-3278 | 1 Hp | 1 Diagnostics Server | 2025-04-11 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in magentservice.exe in HP Diagnostics Server 8.x through 8.07 and 9.x through 9.21 allows remote attackers to execute arbitrary code via a malformed message packet.
|
|||||