Total
1226 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1206 | 1 Hancom | 1 Hancom Office 2010 Se | 2025-04-11 | 9.3 HIGH | N/A |
| Multiple integer overflows in Hancom Office 2010 SE 8.5.5 allow remote attackers to execute arbitrary code via large dimension values in a (1) JPG image to the ImportGR in the JPG image filter module (HncJpeg10.flt) or (2) PNG image to the PNG image filter module (HncPng10.flt), which triggers a heap-based buffer overflow. | |||||
| CVE-2011-1138 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 4.3 MEDIUM | N/A |
| Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet. | |||||
| CVE-2011-3102 | 2 Apple, Google | 2 Iphone Os, Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
| Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2012-3825 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 3.3 LOW | N/A |
| Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a different vulnerability than CVE-2012-2392. | |||||
| CVE-2010-2643 | 1 Redhat | 1 Evince | 2025-04-11 | 7.6 HIGH | N/A |
| Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer. | |||||
| CVE-2011-2168 | 1 Openbsd | 1 Openbsd | 2025-04-11 | 5.0 MEDIUM | N/A |
| Multiple integer overflows in the glob implementation in libc in OpenBSD before 4.9 might allow context-dependent attackers to have an unspecified impact via a crafted string, related to the GLOB_APPEND and GLOB_DOOFFS flags, a different issue than CVE-2011-0418. | |||||
| CVE-2012-0684 | 1 Xnview | 1 Xnview | 2025-04-11 | 9.3 HIGH | N/A |
| Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0685. | |||||
| CVE-2012-0022 | 1 Apache | 1 Tomcat | 2025-04-11 | 5.0 MEDIUM | N/A |
| Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858. | |||||
| CVE-2012-0685 | 1 Xnview | 1 Xnview | 2025-04-11 | 9.3 HIGH | N/A |
| Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0684. | |||||
| CVE-2013-0876 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 9.3 HIGH | N/A |
| Multiple integer overflows in the (1) old_codec37 and (2) old_codec47 functions in libavcodec/sanm.c in FFmpeg before 1.1.3 allow remote attackers to have an unspecified impact via crafted LucasArts Smush data, which triggers an out-of-bounds array access. | |||||
| CVE-2013-4736 | 1 Codeaurora | 1 Android-msm | 2025-04-11 | 7.8 HIGH | N/A |
| Multiple integer overflows in the JPEG engine drivers in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (system crash) via a large number of commands in an ioctl call, related to (1) camera_v1/gemini/msm_gemini_sync.c, (2) camera_v2/gemini/msm_gemini_sync.c, (3) camera_v2/jpeg_10/msm_jpeg_sync.c, (4) gemini/msm_gemini_sync.c, (5) jpeg_10/msm_jpeg_sync.c, and (6) mercury/msm_mercury_sync.c. | |||||
| CVE-2013-6632 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | 9.3 HIGH | N/A |
| Integer overflow in Google Chrome before 31.0.1650.57 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013. | |||||
| CVE-2012-0642 | 1 Apple | 1 Iphone Os | 2025-04-11 | 9.3 HIGH | N/A |
| Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (device crash) via a crafted catalog file in an HFS disk image. | |||||
| CVE-2012-6053 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 5.0 MEDIUM | N/A |
| epan/dissectors/packet-usb.c in the USB dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 relies on a length field to calculate an offset value, which allows remote attackers to cause a denial of service (infinite loop) via a zero value for this field. | |||||
| CVE-2010-2181 | 2 Adobe, Macromedia | 3 Air, Flash Player, Flash Player | 2025-04-11 | 9.3 HIGH | N/A |
| Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2183. | |||||
| CVE-2011-0914 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | 10.0 HIGH | N/A |
| Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow. | |||||
| CVE-2012-2383 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 4.9 MEDIUM | N/A |
| Integer overflow in the i915_gem_execbuffer2 function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call. | |||||
| CVE-2011-2489 | 1 Nrl | 1 Opie | 2025-04-11 | 7.2 HIGH | N/A |
| Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line. | |||||
| CVE-2010-1791 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
| Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index. | |||||
| CVE-2011-1137 | 1 Proftpd | 1 Proftpd | 2025-04-11 | 5.0 MEDIUM | N/A |
| Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and earlier allows remote attackers to cause a denial of service (memory consumption leading to OOM kill) via a malformed SSH message. | |||||