Total
12570 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-3687 | 1 Apple | 2 Iphone Os, Itunes | 2025-04-11 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | |||||
| CVE-2013-0508 | 1 Ibm | 2 Tivoli Netcool Application Service Monitors, Tivoli Netcool System Service Monitors | 2025-04-11 | 7.6 HIGH | N/A |
| Multiple buffer overflows in IBM Tivoli Netcool System Service Monitors (SSM) and Application Service Monitors (ASM) 4.0.0 before FP14 and 4.0.1 before FP1 allow context-dependent attackers to execute arbitrary code or cause a denial of service via a long line in (1) hrfstable.idx, (2) hrdevice.idx, (3) hrstorage.idx, or (4) lotusmapfile in the SSM Config directory, or (5) .manifest.hive in the main agent directory. | |||||
| CVE-2009-4756 | 1 Beatport | 1 Beatport Player | 2025-04-11 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in TraktorBeatport.exe 1.0.0.283 in Beatport Player 1.0.0.0 allows remote attackers to execute arbitrary code via a long string in a malformed playlist (.m3u) file. | |||||
| CVE-2012-6570 | 1 Huawei | 18 Ar 18-1x, Ar 18-2x, Ar 18-3x and 15 more | 2025-04-11 | 10.0 HIGH | N/A |
| The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response. | |||||
| CVE-2011-3175 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x6c request. | |||||
| CVE-2010-2209 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
| Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. | |||||
| CVE-2012-4186 | 5 Canonical, Debian, Mozilla and 2 more | 13 Ubuntu Linux, Debian Linux, Firefox and 10 more | 2025-04-11 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-0477 | 1 Google | 2 Chrome, Chrome Os | 2025-04-11 | 10.0 HIGH | N/A |
| Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle a mismatch in video frame sizes, which allows remote attackers to cause a denial of service (incorrect memory access) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2010-1837 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | 6.8 MEDIUM | N/A |
| CoreText in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a PDF document. | |||||
| CVE-2010-2867 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 9.3 HIGH | N/A |
| DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly handle a certain return value associated with the rcsL chunk in a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie, related to a "pointer offset vulnerability." | |||||
| CVE-2012-0595 | 1 Apple | 2 Iphone Os, Itunes | 2025-04-11 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | |||||
| CVE-2013-7016 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 6.8 MEDIUM | N/A |
| The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the expected sample separation, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | |||||
| CVE-2011-4520 | 1 Microsys | 1 Promotic | 2025-04-11 | 4.3 MEDIUM | N/A |
| Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page. | |||||
| CVE-2010-0517 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with M-JPEG encoding, which causes QuickTime to calculate a buffer size using height and width fields, but to use a different field to control the length of a copy operation. | |||||
| CVE-2012-2895 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
| The PDF functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations. | |||||
| CVE-2013-0310 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-11 | 6.6 MEDIUM | N/A |
| The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an IPOPT_CIPSO IP_OPTIONS setsockopt system call. | |||||
| CVE-2013-1723 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-11 | 4.3 MEDIUM | N/A |
| The NativeKey widget in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 processes key messages after destruction by a dispatched event listener, which allows remote attackers to cause a denial of service (application crash) by leveraging incorrect event usage after widget-memory reallocation. | |||||
| CVE-2013-6639 | 1 Google | 2 Chrome, V8 | 2025-04-11 | 7.5 HIGH | N/A |
| The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via JavaScript code that sets the value of an array element with a crafted index. | |||||
| CVE-2010-2287 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 8.3 HIGH | N/A |
| Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. | |||||
| CVE-2011-4194 | 2 Linux, Novell | 2 Linux Kernel, Open Enterprise Server | 2025-04-11 | 7.5 HIGH | N/A |
| Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Linux allows remote attackers to execute arbitrary code via a crafted attributes-natural-language field. | |||||