Total
13113 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-3044 | 1 Cisco | 2 Webex Advanced Recording Format Player, Webex Recording Format Player | 2025-04-11 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3043. | |||||
| CVE-2011-0253 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
| WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||||
| CVE-2012-1465 | 1 Netmechanica | 1 Netdecision | 2025-04-11 | 4.3 MEDIUM | N/A |
| Stack-based buffer overflow in the HTTP Server in NetMechanica NetDecision before 4.6.1 allows remote attackers to cause a denial of service (application crash) via a long URL in an HTTP request. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2011-4353 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | 4.3 MEDIUM | N/A |
| The (1) av_image_fill_pointers, (2) vp5_parse_coeff, and (3) vp6_parse_coeff functions in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allow remote attackers to cause a denial of service (out-of-bounds read) via a crafted VP5 or VP6 stream. | |||||
| CVE-2011-4610 | 1 Redhat | 4 Jboss Communications Platform, Jboss Enterprise Application Platform, Jboss Enterprise Brms Platform and 1 more | 2025-04-11 | 5.0 MEDIUM | N/A |
| JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service (infinite loop) via vectors related to a crafted UTF-8 and a "surrogate pair character" that is "at the boundary of an internal buffer." | |||||
| CVE-2013-5127 | 1 Apple | 1 Iphone Os | 2025-04-11 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. | |||||
| CVE-2011-2125 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 9.3 HIGH | N/A |
| Buffer overflow in Dirapix.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-2809 | 1 Apple | 2 Itunes, Webkit | 2025-04-11 | 7.6 HIGH | N/A |
| WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | |||||
| CVE-2010-2990 | 1 Citrix | 5 Ica Client For Linux, Ica Client For Solaris, Online Plug-in For Mac For Xenapp \& Xendesktop and 2 more | 2025-04-11 | 9.3 HIGH | N/A |
| Citrix Online Plug-in for Windows for XenApp & XenDesktop before 11.2, Citrix Online Plug-in for Mac for XenApp & XenDesktop before 11.0, Citrix ICA Client for Linux before 11.100, Citrix ICA Client for Solaris before 8.63, and Citrix Receiver for Windows Mobile before 11.5 allow remote attackers to execute arbitrary code via (1) a crafted HTML document, (2) a crafted .ICA file, or (3) a crafted type field in an ICA graphics packet, related to a "heap offset overflow" issue. | |||||
| CVE-2010-4307 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 9.3 HIGH | N/A |
| Buffer overflow in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2010-2212 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
| Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PDF file containing Flash content with a crafted #1023 (3FFh) tag, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2211. | |||||
| CVE-2011-4870 | 1 Invensys | 1 Wonderware Inbatch | 2025-04-11 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in the (1) GUIControls, (2) BatchObjSrv, and (3) BatchSecCtrl ActiveX controls in Invensys Wonderware InBatch 9.0 and 9.0 SP1, and InBatch 8.1 SP1, 9.0 SP2, and 9.5 Server and Runtime Clients, allow remote attackers to execute arbitrary code via a long string in a property value, a different issue than CVE-2011-3141. | |||||
| CVE-2013-6623 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
| The SVG implementation in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging the use of tree order, rather than transitive dependency order, for layout. | |||||
| CVE-2012-0654 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | 6.8 MEDIUM | N/A |
| libsecurity in Apple Mac OS X before 10.7.4 accesses uninitialized memory locations during the processing of X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted certificate. | |||||
| CVE-2011-0191 | 2 Apple, Microsoft | 5 Itunes, Windows, Windows 7 and 2 more | 2025-04-11 | 9.3 HIGH | N/A |
| Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding. | |||||
| CVE-2010-3416 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2025-04-11 | 7.5 HIGH | 9.8 CRITICAL |
| Google Chrome before 6.0.472.59 on Linux does not properly implement the Khmer locale, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-0136 | 2 Apple, Microsoft | 6 Itunes, Webkit, Windows and 3 more | 2025-04-11 | 7.6 HIGH | N/A |
| WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | |||||
| CVE-2012-1184 | 1 Digium | 1 Asterisk | 2025-04-11 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the ast_parse_digest function in main/utils.c in Asterisk 1.8.x before 1.8.10.1 and 10.x before 10.2.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in an HTTP Digest Authentication header. | |||||
| CVE-2013-2686 | 1 Asterisk | 3 Certified Asterisk, Digiumphones, Open Source | 2025-04-11 | 5.0 MEDIUM | N/A |
| main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones does not properly restrict Content-Length values, which allows remote attackers to conduct stack-consumption attacks and cause a denial of service (daemon crash) via a crafted HTTP POST request. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-5976. | |||||
| CVE-2013-3117 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3122 and CVE-2013-3124. | |||||