Total
12125 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-7009 | 1 Ffmpeg | 1 Ffmpeg | 2024-02-04 | 6.8 MEDIUM | N/A |
| The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Apple RPZA data. | |||||
| CVE-2012-2895 | 1 Google | 1 Chrome | 2024-02-04 | 6.8 MEDIUM | N/A |
| The PDF functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations. | |||||
| CVE-2012-1699 | 2 X, Xfree86 | 2 X.org X11, Xfree86 | 2024-02-04 | 3.6 LOW | N/A |
| The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference. | |||||
| CVE-2012-5128 | 2 Google, Linux | 3 Chrome, V8, Linux Kernel | 2024-02-04 | 7.5 HIGH | N/A |
| Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, does not properly perform write operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2012-2049 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2012-0847 | 1 Ffmpeg | 1 Ffmpeg | 2024-02-04 | 4.3 MEDIUM | N/A |
| Heap-based buffer overflow in the avfilter_filter_samples function in libavfilter/avfilter.c in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (application crash) via a crafted media file. | |||||
| CVE-2013-6627 | 1 Google | 1 Chrome | 2024-02-04 | 5.0 MEDIUM | N/A |
| net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not properly process HTTP Informational (aka 1xx) status codes, which allows remote web servers to cause a denial of service (out-of-bounds read) via a crafted response. | |||||
| CVE-2013-0222 | 2 Opensuse, Redhat | 2 Opensuse, Enterprise Linux | 2024-02-04 | 2.1 LOW | N/A |
| The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function. | |||||
| CVE-2011-2517 | 2 Linux, Redhat | 5 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 2 more | 2024-02-04 | 7.2 HIGH | N/A |
| Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability during scan operations with a long SSID value. | |||||
| CVE-2012-5345 | 1 Kepler Lam | 1 Iptools | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in the Remote command server (Rcmd.bat) in IpTools (aka Tiny TCP/IP server) 0.1.4 allows remote attackers to cause a denial of service (crash) via a long string to TCP port 23. | |||||
| CVE-2012-3534 | 2 Gnugk, Opensuse | 3 Gnu Gatekeeper, Leap, Opensuse | 2024-02-04 | 5.0 MEDIUM | N/A |
| GNU Gatekeeper before 3.1 does not limit the number of connections to the status port, which allows remote attackers to cause a denial of service (connection and thread consumption) via a large number of connections. | |||||
| CVE-2012-0857 | 1 Ffmpeg | 1 Ffmpeg | 2024-02-04 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in the get_qcx function in the J2K decoder (j2kdec.c) in libavcode in FFmpeg before 0.9.1 allow remote attackers to cause a denial of service (application crash) via unspecified vectors. | |||||
| CVE-2012-1131 | 2 Freetype, Mozilla | 2 Freetype, Firefox Mobile | 2024-02-04 | 9.3 HIGH | N/A |
| FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font. | |||||
| CVE-2013-0249 | 2 Canonical, Haxx | 3 Ubuntu Linux, Curl, Libcurl | 2024-02-04 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the realm parameter in a (1) POP3, (2) SMTP or (3) IMAP message. | |||||
| CVE-2012-3364 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 5.0 MEDIUM | N/A |
| Multiple stack-based buffer overflows in the Near Field Communication Controller Interface (NCI) in the Linux kernel before 3.4.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via incoming frames with crafted length fields. | |||||
| CVE-2012-0985 | 1 Sony | 4 Smartwi Connection Utillity, Vaio Easy Connect, Vaio Pc Wireless Lan Wizard and 1 more | 2024-02-04 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00, 1.00_64, 1.0.1, 2.0, and 3.0; SmartWi Connection Utility 4.7, 4.7.4, 4.8, 4.9, 4.10, and 4.11; and VAIO Easy Connect software 1.0.0 and 1.1.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the second argument of the (1) SetTmpProfileOption or (2) ConnectToNetwork method. | |||||
| CVE-2012-5286 | 5 Adobe, Apple, Google and 2 more | 8 Adobe Air, Adobe Air Sdk, Flash Player and 5 more | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. | |||||
| CVE-2012-4409 | 1 Mcrypt | 1 Mcrypt | 2024-02-04 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the check_file_head function in extra.c in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to execute arbitrary code via an encrypted file with a crafted header containing long salt data that is not properly handled during decryption. | |||||
| CVE-2013-0728 | 1 Hexagon | 1 Erdas Apollo Ecwp | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS APOLLO ECWP plugin before 13.00.0001 for Internet Explorer, Firefox, and Chrome allow remote attackers to execute arbitrary code via a long property value. | |||||
| CVE-2012-5945 | 1 Ibm | 1 Spss Samplepower | 2024-02-04 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the Vsflex8l ActiveX control in IBM SPSS SamplePower 3.0 before FP1 allow remote attackers to execute arbitrary code via a long (1) ComboList or (2) ColComboList property value. | |||||