Total
13573 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1796 | 1 Linux | 1 Linux Kernel | 2026-06-16 | 6.8 MEDIUM | N/A |
| The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME operation, which allows guest OS users to cause a denial of service (buffer overflow and host OS memory corruption) or possibly have unspecified other impact via a crafted application. | |||||
| CVE-2013-1794 | 1 Openafs | 1 Openafs | 2026-06-16 | 6.5 MEDIUM | N/A |
| Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long fileserver ACL entry. | |||||
| CVE-2013-1790 | 1 Freedesktop | 1 Poppler | 2026-06-16 | 6.8 MEDIUM | N/A |
| poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function. | |||||
| CVE-2013-1788 | 1 Freedesktop | 1 Poppler | 2026-06-16 | 6.8 MEDIUM | N/A |
| poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Splash.cc, (2) poppler/Function.cc, and (3) poppler/Stream.cc. | |||||
| CVE-2013-1773 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2026-06-16 | 6.2 MEDIUM | N/A |
| Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3.3 allows local users to gain privileges or cause a denial of service (system crash) via a VFAT write operation on a filesystem with the utf8 mount option, which is not properly handled during UTF-8 to UTF-16 conversion. | |||||
| CVE-2013-1772 | 1 Linux | 1 Linux Kernel | 2026-06-16 | 4.0 MEDIUM | N/A |
| The log_prefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service (buffer overflow and system crash) by leveraging /dev/kmsg write access and triggering a call_console_drivers function call. | |||||
| CVE-2013-1750 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2026-06-16 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a malformed MP4 file. | |||||
| CVE-2013-1736 | 1 Mozilla | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2026-06-16 | 10.0 HIGH | N/A |
| The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to improperly establishing parent-child relationships of range-request nodes. | |||||
| CVE-2013-1732 | 1 Mozilla | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2026-06-16 | 9.3 HIGH | N/A |
| Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via crafted use of lists and floats within a multi-column layout. | |||||
| CVE-2013-1730 | 1 Mozilla | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2026-06-16 | 6.8 MEDIUM | N/A |
| Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of service (JavaScript compartment mismatch, or assertion failure and application exit) via a crafted web site. | |||||
| CVE-2013-1728 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2026-06-16 | 4.3 MEDIUM | N/A |
| The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2013-1725 | 1 Mozilla | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2026-06-16 | 6.8 MEDIUM | N/A |
| Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by leveraging incorrect scope handling. | |||||
| CVE-2013-1723 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2026-06-16 | 4.3 MEDIUM | N/A |
| The NativeKey widget in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 processes key messages after destruction by a dispatched event listener, which allows remote attackers to cause a denial of service (application crash) by leveraging incorrect event usage after widget-memory reallocation. | |||||
| CVE-2013-1721 | 1 Mozilla | 2 Firefox, Seamonkey | 2026-06-16 | 9.3 HIGH | N/A |
| Integer overflow in the drawLineLoop function in the libGLESv2 library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 24.0 and SeaMonkey before 2.21, allows remote attackers to execute arbitrary code via a crafted web site. | |||||
| CVE-2013-1720 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2026-06-16 | 6.8 MEDIUM | N/A |
| The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer over-read) by triggering use of this stack in its empty state. | |||||
| CVE-2013-1719 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2026-06-16 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2013-1718 | 1 Mozilla | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2026-06-16 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2013-1707 | 1 Mozilla | 3 Firefox, Thunderbird, Thunderbird Esr | 2026-06-16 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 allows local users to gain privileges via a long pathname on the command line to the Mozilla Maintenance Service. | |||||
| CVE-2013-1706 | 1 Mozilla | 3 Firefox, Thunderbird, Thunderbird Esr | 2026-06-16 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in maintenanceservice.exe in the Mozilla Maintenance Service in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 allows local users to gain privileges via a long pathname on the command line. | |||||
| CVE-2013-1705 | 1 Mozilla | 2 Firefox, Seamonkey | 2026-06-16 | 10.0 HIGH | N/A |
| Heap-based buffer underflow in the cryptojs_interpret_key_gen_type function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Certificate Request Message Format (CRMF) request. | |||||