Vulnerabilities (CVE)

Filtered by CWE-399
Total 2696 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-0625 2 Dell, Emc 2 Bsafe Ssl-j, Rsa Bsafe Ssl-j 2025-04-11 5.0 MEDIUM N/A
The SSLSocket implementation in the (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to cause a denial of service (memory consumption) by triggering application-data processing during the TLS handshake, a time at which the data is internally buffered.
CVE-2011-3488 1 Equis 1 Metastock 2025-04-11 10.0 HIGH N/A
Use-after-free vulnerability in Equis MetaStock 11 and earlier allows remote attackers to execute arbitrary code via a malformed (1) mwc chart, (2) mws chart, (3) mwt template, or (4) mwl layout.
CVE-2011-1515 1 Hp 1 Openview Storage Data Protector 2025-04-11 5.0 MEDIUM N/A
The inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to cause a denial of service (daemon exit) via a request containing crafted parameters.
CVE-2010-0160 1 Mozilla 2 Firefox, Seamonkey 2025-04-11 10.0 HIGH N/A
The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
CVE-2009-5040 1 Cisco 1 Ios 2025-04-11 6.8 MEDIUM N/A
CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote authenticated users to cause a denial of service (device crash) by using an extension mobility (EM) phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555.
CVE-2010-1285 3 Adobe, Apple, Microsoft 4 Acrobat, Acrobat Reader, Mac Os X and 1 more 2025-04-11 9.3 HIGH N/A
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified manipulations involving the newclass (0x58) operator and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-2168 and CVE-2010-2201.
CVE-2011-2363 1 Mozilla 3 Firefox, Seamonkey, Thunderbird 2025-04-11 10.0 HIGH N/A
Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback.
CVE-2011-4528 1 Unbound 1 Unbound 2025-04-11 5.0 MEDIUM N/A
Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response.
CVE-2011-2952 1 Realnetworks 2 Realplayer, Realplayer Sp 2025-04-11 9.3 HIGH N/A
Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via vectors related to a dialog box.
CVE-2012-2878 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 7.5 HIGH N/A
Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling.
CVE-2013-0919 2 Google, Linux 2 Chrome, Linux Kernel 2025-04-11 7.5 HIGH N/A
Use-after-free vulnerability in Google Chrome before 26.0.1410.43 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the presence of an extension that creates a pop-up window.
CVE-2012-2970 1 Synel 1 Sy-780\/a Time \& Attendance Terminal 2025-04-11 7.8 HIGH N/A
The Synel SY-780/A Time & Attendance terminal allows remote attackers to cause a denial of service (device hang) via network traffic to port (1) 1641, (2) 3734, or (3) 3735.
CVE-2012-4287 2 Sun, Wireshark 2 Sunos, Wireshark 2025-04-11 5.0 MEDIUM N/A
epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a small value for a BSON document length.
CVE-2011-1267 1 Microsoft 3 Windows 7, Windows Server 2008, Windows Vista 2025-04-11 7.8 HIGH N/A
The SMB server in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 request, aka "SMB Request Parsing Vulnerability."
CVE-2011-1234 1 Microsoft 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more 2025-04-11 7.2 HIGH N/A
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."
CVE-2011-0991 2 Mono, Novell 2 Mono, Moonlight 2025-04-11 6.8 MEDIUM N/A
Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to finalizing and then resurrecting a DynamicMethod instance.
CVE-2010-1992 1 Google 1 Chrome 2025-04-11 5.0 MEDIUM N/A
Google Chrome 1.0.154.48 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements.
CVE-2013-0247 2 Canonical, Openstack 2 Ubuntu Linux, Keystone 2025-04-11 5.0 MEDIUM N/A
OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to cause a denial of service (disk consumption) via many invalid token requests that trigger excessive generation of log entries.
CVE-2011-0492 1 Tor 1 Tor 2025-04-11 5.0 MEDIUM N/A
Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (assertion failure and daemon exit) via blobs that trigger a certain file size, as demonstrated by the cached-descriptors.new file.
CVE-2013-2176 1 Redhat 1 Enterprise Virtualization 2025-04-11 7.2 HIGH N/A
Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application.