Total
12268 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3005 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-11 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OGG headers in a .ogg file. | |||||
| CVE-2012-1941 | 1 Mozilla | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code by resizing a window displaying absolutely positioned and relatively positioned elements in nested columns. | |||||
| CVE-2013-0682 | 2 Cogentdatahub, Microsoft | 5 Cascade Datahub, Cogent Datahub, Datahub Quicktrend and 2 more | 2025-04-11 | 7.5 HIGH | N/A |
| Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory. | |||||
| CVE-2010-2980 | 1 Cisco | 2 5508 Wireless Controller, Unified Wireless Network Solution Software | 2025-04-11 | 7.8 HIGH | N/A |
| Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (pbuf exhaustion and device crash) via fragmented traffic, aka Bug ID CSCtd26794. | |||||
| CVE-2012-3585 | 1 Irfanview | 2 Irfanview, Irfanview Plugins | 2025-04-11 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file. | |||||
| CVE-2011-2912 | 1 Konstanty Bialkowski | 1 Libmodplug | 2025-04-11 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/load_s3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset. | |||||
| CVE-2013-4131 | 1 Apache | 1 Subversion | 2025-04-11 | 4.0 MEDIUM | N/A |
| The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause a denial of service (assertion failure or out-of-bounds read) via a certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision root. | |||||
| CVE-2013-4986 | 1 Iconcool | 1 Pdfcool Studio | 2025-04-11 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in PDFAX0722_IconCool.dll 7.22.1125.2121 in IconCool PDFCool Studio 3.32 Build 130330 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file. | |||||
| CVE-2012-2045 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 11.6.6.636 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2043, CVE-2012-2044, CVE-2012-2046, and CVE-2012-2047. | |||||
| CVE-2011-3083 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
| browser/profiles/profile_impl_io_data.cc in Google Chrome before 19.0.1084.46 does not properly handle a malformed ftp URL in the SRC attribute of a VIDEO element, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted web page. | |||||
| CVE-2013-0948 | 1 Apple | 1 Iphone Os | 2025-04-11 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. | |||||
| CVE-2009-4661 | 1 Bigantsoft | 1 Bigant Server | 2025-04-11 | 4.3 MEDIUM | N/A |
| Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item. | |||||
| CVE-2012-1525 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2012-1517 | 1 Vmware | 2 Esx, Esxi | 2025-04-11 | 9.0 HIGH | N/A |
| The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving function pointers. | |||||
| CVE-2010-0391 | 1 Embarcadero | 1 Interbase Smp 2009 | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in Embarcadero Technologies InterBase SMP 2009 9.0.3.437 allow remote attackers to execute arbitrary code via unknown vectors involving crafted packets. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2012-3890 | 1 Nullsoft | 1 Winamp | 2025-04-11 | 6.8 MEDIUM | N/A |
| The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a .IT file. | |||||
| CVE-2009-4274 | 1 Netpbm | 1 Netpbm | 2025-04-11 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value. | |||||
| CVE-2012-4424 | 1 Gnu | 1 Glibc | 2025-04-11 | 5.1 MEDIUM | N/A |
| Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string that triggers a malloc failure and use of the alloca function. | |||||
| CVE-2013-3878 | 1 Microsoft | 2 Windows Server 2003, Windows Xp | 2025-04-11 | 6.9 MEDIUM | N/A |
| Stack-based buffer overflow in the LRPC client in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges by operating an LRPC server that sends a crafted LPC port message, aka "LRPC Client Buffer Overrun Vulnerability." | |||||
| CVE-2010-4259 | 1 Alexej Kryukov | 1 Fontforge | 2025-04-11 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long CHARSET_REGISTRY header in a BDF font file. | |||||