Total
12125 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3190 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | |||||
| CVE-2012-3334 | 1 Ibm | 1 Informix Dynamic Server | 2024-02-04 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 11.50 before 11.50.xC9W2 and 11.70 before 11.70.xC5 allows remote authenticated users to execute arbitrary code via crafted arguments in a SET COLLATION statement. | |||||
| CVE-2013-6763 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 6.9 MEDIUM | N/A |
| The uio_mmap_physical function in drivers/uio/uio.c in the Linux kernel before 3.12 does not validate the size of a memory block, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted mmap operations, a different vulnerability than CVE-2013-4511. | |||||
| CVE-2012-5965 | 1 Portable Sdk For Upnp Project | 1 Portable Sdk For Upnp | 2024-02-04 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) 1.3.1 allows remote attackers to execute arbitrary code via a long DeviceType (aka urn device) field in a UDP packet. | |||||
| CVE-2012-1134 | 2 Freetype, Mozilla | 2 Freetype, Firefox Mobile | 2024-02-04 | 9.3 HIGH | N/A |
| FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font. | |||||
| CVE-2012-1885 | 1 Microsoft | 3 Excel, Office, Office Compatibility Pack | 2024-02-04 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Office 2008 and 2011 for Mac; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SerAuxErrBar Heap Overflow Vulnerability." | |||||
| CVE-2013-3183 | 1 Microsoft | 6 Windows 7, Windows 8, Windows Rt and 3 more | 2024-02-04 | 7.8 HIGH | N/A |
| The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly perform memory allocation for inbound ICMPv6 packets, which allows remote attackers to cause a denial of service (system hang) via crafted packets, aka "ICMPv6 Vulnerability." | |||||
| CVE-2013-2919 | 3 Debian, Google, Opensuse | 3 Debian Linux, Chrome, Opensuse | 2024-02-04 | 7.5 HIGH | N/A |
| Google V8, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2013-0656 | 1 Siemens | 2 Simatic Rf-manager, Simatic Rf-manager 2008 | 2024-02-04 | 6.8 MEDIUM | N/A |
| Buffer overflow in a third-party ActiveX component in Siemens SIMATIC RF-MANAGER 2008, and RF-MANAGER Basic 3.0 and earlier, allows remote attackers to execute arbitrary code via a crafted web site. | |||||
| CVE-2014-1201 | 2 Lorex Technology, Lorextechnology | 8 Edge2 Lh330 Firmware, Edge3 Lh340 Firmware, Edge\+ Lh320 Firmware and 5 more | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in the INetViewX ActiveX control in the Lorex Edge LH310 and Edge+ LH320 series with firmware 7-35-28-1B26E, Edge2 LH330 series with firmware 11.17.38-33_1D97A, and Edge3 LH340 series with firmware 11.19.85_1FE3A allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the HTTP_PORT parameter. | |||||
| CVE-2012-5253 | 5 Adobe, Apple, Google and 2 more | 8 Adobe Air, Adobe Air Sdk, Flash Player and 5 more | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. | |||||
| CVE-2013-2223 | 1 Wernerd | 1 Zrtpcpp | 2024-02-04 | 5.8 MEDIUM | N/A |
| GNU ZRTPCPP before 3.2.0 allows remote attackers to obtain sensitive information (uninitialized heap memory) or cause a denial of service (out-of-bounds read) via a crafted packet, as demonstrated by a truncated Ping packet that is not properly handled by the getEpHash function. | |||||
| CVE-2013-0723 | 1 Kingsoft | 1 Spreadsheets 2012 | 2024-02-04 | 9.3 HIGH | N/A |
| Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsheets 2012 8.1.0.3030 allow remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a crafted spreadsheet file. | |||||
| CVE-2013-3142 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3112, CVE-2013-3113, CVE-2013-3121, and CVE-2013-3139. | |||||
| CVE-2012-5268 | 5 Adobe, Apple, Google and 2 more | 8 Adobe Air, Adobe Air Sdk, Flash Player and 5 more | 2024-02-04 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. | |||||
| CVE-2012-3639 | 1 Apple | 1 Safari | 2024-02-04 | 9.3 HIGH | N/A |
| WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||
| CVE-2013-5049 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | |||||
| CVE-2013-3355 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
| Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3352 and CVE-2013-3354. | |||||
| CVE-2013-2222 | 1 Wernerd | 1 Zrtpcpp | 2024-02-04 | 6.8 MEDIUM | N/A |
| Multiple stack-based buffer overflows in GNU ZRTPCPP before 3.2.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ZRTP Hello packet to the (1) ZRtp::findBestSASType, (2) ZRtp::findBestAuthLen, (3) ZRtp::findBestCipher, (4) ZRtp::findBestHash, or (5) ZRtp::findBestPubKey functions. | |||||
| CVE-2013-1343 | 1 Microsoft | 8 Windows 2003 Server, Windows 7, Windows 8 and 5 more | 2024-02-04 | 7.2 HIGH | N/A |
| win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865. | |||||