Total
12754 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-0237 | 1 Advantech | 1 Advantech Webaccess | 2025-04-11 | 6.4 MEDIUM | N/A |
| Advantech/BroadWin WebAccess before 7.0 allows remote attackers to (1) enable date and time syncing or (2) disable date and time syncing via a crafted URL. | |||||
| CVE-2009-4756 | 1 Beatport | 1 Beatport Player | 2025-04-11 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in TraktorBeatport.exe 1.0.0.283 in Beatport Player 1.0.0.0 allows remote attackers to execute arbitrary code via a long string in a malformed playlist (.m3u) file. | |||||
| CVE-2013-1730 | 1 Mozilla | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of service (JavaScript compartment mismatch, or assertion failure and application exit) via a crafted web site. | |||||
| CVE-2012-0625 | 1 Apple | 2 Iphone Os, Itunes | 2025-04-11 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | |||||
| CVE-2013-3330 | 8 Adobe, Apple, Google and 5 more | 14 Adobe Air, Adobe Air Sdk, Flash Player and 11 more | 2025-04-11 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. | |||||
| CVE-2012-0663 | 2 Apple, Microsoft | 2 Quicktime, Windows | 2025-04-11 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in Apple QuickTime before 7.7.2 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TeXML file. | |||||
| CVE-2013-0906 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| The IndexedDB implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2009-4245 | 3 Apple, Microsoft, Realnetworks | 6 Mac Os X, Windows, Helix Player and 3 more | 2025-04-11 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp. | |||||
| CVE-2010-0034 | 1 Microsoft | 1 Powerpoint | 2025-04-11 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Office PowerPoint Viewer TextCharsAtom Record Stack Overflow Vulnerability." | |||||
| CVE-2011-1731 | 1 Hp | 1 Openview Storage Data Protector | 2025-04-11 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_INTEGUTIL message. | |||||
| CVE-2012-4329 | 1 Samsung | 2 D6000, D6000 Firmware | 2025-04-11 | 7.8 HIGH | N/A |
| The Samsung D6000 TV and possibly other products allow remote attackers to cause a denial of service (continuous restart) via a crafted controller name. | |||||
| CVE-2013-5198 | 1 Apple | 5 Iphone Os, Itunes, Safari and 2 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | |||||
| CVE-2013-2492 | 2 Firebirdsql, Microsoft | 2 Firebird, Windows | 2025-04-11 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information. | |||||
| CVE-2013-1026 | 1 Apple | 2 Iphone Os, Mac Os X | 2025-04-11 | 6.8 MEDIUM | N/A |
| Buffer overflow in ImageIO in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document. | |||||
| CVE-2010-2331 | 1 Upredsun | 1 Isharer File Sharing Wizard | 2025-04-11 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 allows remote attackers to execute arbitrary code via a long HEAD request. | |||||
| CVE-2011-3176 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x4c request. | |||||
| CVE-2011-0148 | 2 Apple, Microsoft | 6 Itunes, Webkit, Windows and 3 more | 2025-04-11 | 7.6 HIGH | N/A |
| WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | |||||
| CVE-2009-5022 | 1 Libtiff | 1 Libtiff | 2025-04-11 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file. | |||||
| CVE-2010-2881 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 9.3 HIGH | N/A |
| IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x24C0 of a certain file. | |||||
| CVE-2013-6075 | 1 Strongswan | 1 Strongswan | 2025-04-11 | 5.0 MEDIUM | N/A |
| The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to impersonate arbitrary users and bypass access restrictions via a crafted ID_DER_ASN1_DN ID, related to an "insufficient length check" during identity comparison. | |||||