Total
12344 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-1318 | 1 Realnetworks | 3 Helix Mobile Server, Helix Server, Helix Server Mobile | 2025-04-11 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x through 13.x and other products, allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
CVE-2013-4973 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2025-04-11 | 9.3 HIGH | N/A |
Stack-based buffer overflow in RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted .rmp file. | |||||
CVE-2010-2321 | 1 Adobe | 1 Indesign Cs3 | 2025-04-11 | 9.3 HIGH | N/A |
Buffer overflow in Adobe InDesign CS3 10.0 allows user-assisted remote attackers to execute arbitrary code via a crafted .indd file. | |||||
CVE-2010-2160 | 2 Adobe, Macromedia | 3 Air, Flash Player, Flash Player | 2025-04-11 | 9.3 HIGH | N/A |
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an invalid offset in an unspecified undocumented opcode in ActionScript Virtual Machine 2, related to getouterscope, a different vulnerability than CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | |||||
CVE-2012-3663 | 1 Apple | 1 Safari | 2025-04-11 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||
CVE-2011-2912 | 1 Konstanty Bialkowski | 1 Libmodplug | 2025-04-11 | 6.8 MEDIUM | N/A |
Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/load_s3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset. | |||||
CVE-2011-1797 | 3 Apple, Chromium Project, Microsoft | 8 Mac Os X, Mac Os X Server, Safari and 5 more | 2025-04-11 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||||
CVE-2012-0065 | 1 Nikias Bassen | 1 Usbmuxd | 2025-04-11 | 4.6 MEDIUM | N/A |
Heap-based buffer overflow in the receive_packet function in libusbmuxd/libusbmuxd.c in usbmuxd 1.0.5 through 1.0.7 allows physically proximate attackers to execute arbitrary code via a long SerialNumber field in a property list. | |||||
CVE-2012-3936 | 1 Cisco | 1 Webex Recording Format Player | 2025-04-11 | 9.3 HIGH | N/A |
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCua40962. | |||||
CVE-2010-0407 | 1 Muscle | 1 Pcsc-lite | 2025-04-11 | 6.8 MEDIUM | N/A |
Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled. | |||||
CVE-2012-6048 | 1 Guitar-pro | 1 Guitar Pro | 2025-04-11 | 5.0 MEDIUM | N/A |
Guitar Pro 6.1.1 r10791 allows remote attackers to cause a denial of service (crash) via a long string in a gpx file. | |||||
CVE-2012-2047 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 10.0 HIGH | N/A |
Adobe Shockwave Player before 11.6.6.636 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2043, CVE-2012-2044, CVE-2012-2045, and CVE-2012-2046. | |||||
CVE-2010-3444 | 2 Fribidi, Kobi Zamir | 2 Gnu Fribidi, Pyfribidi | 2025-04-11 | 7.5 HIGH | N/A |
Buffer overflow in the log2vis_utf8 function in pyfribidi.c in GNU FriBidi 0.19.1, 0.19.2, and possibly other versions, as used in PyFriBidi 0.10.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Arabic UTF-8 string that causes original 2-byte UTF-8 sequences to be transformed into 3-byte sequences. | |||||
CVE-2010-0731 | 1 Gnu | 1 Gnutls | 2025-04-11 | 7.5 HIGH | N/A |
The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cause a stack-based buffer overflow via a crafted X.509 certificate, related to extraction of a serial number. | |||||
CVE-2013-1009 | 1 Apple | 1 Safari | 2025-04-11 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2013-1023. | |||||
CVE-2011-2962 | 1 Invensys | 1 Wonderware Information Server | 2025-04-11 | 9.3 HIGH | N/A |
Multiple stack-based buffer overflows in Invensys Wonderware Information Server 3.1, 4.0, and 4.0 SP1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via two unspecified ActiveX controls. | |||||
CVE-2010-3019 | 1 Opera | 1 Opera Browser | 2025-04-11 | 9.3 HIGH | N/A |
Heap-based buffer overflow in Opera before 10.61 allows remote attackers to execute arbitrary code or cause a denial of service (application crash or hang) via vectors related to HTML5 canvas painting operations that occur during the application of transformations. | |||||
CVE-2012-4164 | 5 Adobe, Apple, Google and 2 more | 7 Air, Air Sdk, Flash Player and 4 more | 2025-04-11 | 10.0 HIGH | N/A |
Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4163 and CVE-2012-4165. | |||||
CVE-2010-3619 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-11 | 9.3 HIGH | N/A |
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658. | |||||
CVE-2011-5233 | 1 Irfanview | 1 Irfanview | 2025-04-11 | 4.3 MEDIUM | N/A |
Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary code via crafted "Rows Per Strip" and "Samples Per Pixel" values in a TIFF image file. |