Total
13290 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-0338 | 3 Canonical, Opensuse, Xmlsoft | 3 Ubuntu Linux, Opensuse, Libxml2 | 2025-04-11 | 4.3 MEDIUM | N/A |
| libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansion" with linear complexity. | |||||
| CVE-2011-0273 | 1 Hp | 1 Openview Storage Data Protector Cell Manager | 2025-04-11 | 9.3 HIGH | N/A |
| Buffer overflow in crs.exe in HP OpenView Storage Data Protector Cell Manager 6.11 allows remote attackers to execute arbitrary code via unspecified message types. | |||||
| CVE-2010-4262 | 1 Xfig | 1 Xfig | 2025-04-11 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a FIG image with a crafted color definition. | |||||
| CVE-2013-3156 | 1 Microsoft | 1 Access | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file, aka "Access File Format Memory Corruption Vulnerability." | |||||
| CVE-2011-5163 | 2 Mitsubishi-automation, Schneider-electric | 2 Mx4 Scada, Citectscada | 2025-04-11 | 4.6 MEDIUM | N/A |
| Buffer overflow in an unspecified third-party component in the Batch module for Schneider Electric CitectSCADA before 7.20 and Mitsubishi MX4 SCADA before 7.20 allows local users to execute arbitrary code via a long string in a login sequence. | |||||
| CVE-2012-4876 | 1 Trendnet | 2 Securview Wireless Internet Camera, Securview Wireless Internet Camera Activex Control | 2025-04-11 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the UltraMJCam ActiveX Control in TRENDnet SecurView TV-IP121WN Wireless Internet Camera allows remote attackers to execute arbitrary code via a long string to the OpenFileDlg method. | |||||
| CVE-2010-2990 | 1 Citrix | 5 Ica Client For Linux, Ica Client For Solaris, Online Plug-in For Mac For Xenapp \& Xendesktop and 2 more | 2025-04-11 | 9.3 HIGH | N/A |
| Citrix Online Plug-in for Windows for XenApp & XenDesktop before 11.2, Citrix Online Plug-in for Mac for XenApp & XenDesktop before 11.0, Citrix ICA Client for Linux before 11.100, Citrix ICA Client for Solaris before 8.63, and Citrix Receiver for Windows Mobile before 11.5 allow remote attackers to execute arbitrary code via (1) a crafted HTML document, (2) a crafted .ICA file, or (3) a crafted type field in an ICA graphics packet, related to a "heap offset overflow" issue. | |||||
| CVE-2013-3882 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3872, CVE-2013-3873, and CVE-2013-3885. | |||||
| CVE-2011-4077 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 6.9 MEDIUM | N/A |
| Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname. | |||||
| CVE-2010-2642 | 3 Redhat, T1lib, Tug | 3 Evince, T1lib, Tetex | 2025-04-11 | 7.6 HIGH | N/A |
| Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer. | |||||
| CVE-2011-1512 | 2 Autonomy, Ibm | 2 Keyview, Lotus Notes | 2025-04-11 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR. | |||||
| CVE-2011-4037 | 1 Sielcosistemi | 2 Winlog Lite, Winlog Pro | 2025-04-11 | 9.3 HIGH | N/A |
| Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file. | |||||
| CVE-2010-2770 | 2 Apple, Mozilla | 4 Mac Os X, Firefox, Seamonkey and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
| Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 on Mac OS X allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted font in a data: URL. | |||||
| CVE-2010-1813 | 1 Apple | 2 Iphone Os, Ipod Touch | 2025-04-11 | 6.8 MEDIUM | N/A |
| WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving HTML object outlines. | |||||
| CVE-2012-0764 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 10.0 HIGH | N/A |
| The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, and CVE-2012-0766. | |||||
| CVE-2010-1808 | 1 Apple | 3 Apple Type Services, Mac Os X, Mac Os X Server | 2025-04-11 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document. | |||||
| CVE-2012-0677 | 1 Apple | 1 Itunes | 2025-04-11 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist. | |||||
| CVE-2011-0433 | 3 Gnome, T1lib, Tetex | 3 Evince, T1lib, Tetex | 2025-04-11 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642. | |||||
| CVE-2010-0204 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
| Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0201. | |||||
| CVE-2011-2820 | 1 Apple | 2 Itunes, Webkit | 2025-04-11 | 7.6 HIGH | N/A |
| WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | |||||