Total
12355 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3563 | 1 Lianja | 1 Lianja Sql Server | 2025-04-11 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in db_netserver in Lianja SQL Server before 1.0.0RC5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string to TCP port 8001. | |||||
| CVE-2013-4256 | 2 Canonical, Radscan | 2 Ubuntu Linux, Network Audio System | 2025-04-11 | 4.6 MEDIUM | N/A |
| Multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via the (1) display command argument to the ProcessCommandLine function in server/os/utils.c; (2) ResetHosts function in server/os/access.c; (3) open_unix_socket, (4) open_isc_local, (5) open_xsight_local, (6) open_att_local, or (7) open_att_svr4_local function in server/os/connection.c; the (8) AUDIOHOST environment variable to the CreateWellKnownSockets or (9) AmoebaTCPConnectorThread function in server/os/connection.c; or (10) unspecified vectors related to logging in the osLogMsg function in server/os/aulog.c. | |||||
| CVE-2010-0528 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
| Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted color tables in a movie file, related to malformed MediaVideo data, a sample description atom (STSD), and a crafted length value. | |||||
| CVE-2009-4863 | 1 Ultraplayer | 1 Ultraplayer Media Player | 2025-04-11 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in UltraPlayer Media Player 2.112 allows remote attackers to execute arbitrary code via a long string in a .usk file. | |||||
| CVE-2011-0500 | 1 Verytools | 2 Videospirit Lite, Videospirit Pro | 2025-04-11 | 9.3 HIGH | N/A |
| Buffer overflow in VideoSpirit Pro 1.6.8.1, 1.68, and earlier; and VideoSpirit Lite 1.4.0.1 and possibly other versions; allows user-assisted remote attackers to execute arbitrary code via a VideoSpirit project (.visprj) file containing a valitem element with a long "value" attribute, as demonstrated using a valitem with the mp3 name. | |||||
| CVE-2012-3747 | 1 Apple | 1 Iphone Os | 2025-04-11 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
| CVE-2010-1813 | 1 Apple | 2 Iphone Os, Ipod Touch | 2025-04-11 | 6.8 MEDIUM | N/A |
| WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving HTML object outlines. | |||||
| CVE-2010-2067 | 2 Canonical, Libtiff | 2 Ubuntu Linux, Libtiff | 2025-04-11 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file. | |||||
| CVE-2011-2988 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-11 | 10.0 HIGH | N/A |
| Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long source-code block for a shader. | |||||
| CVE-2013-3858 | 1 Microsoft | 5 Office Compatibility Pack, Office Web Apps, Sharepoint Server and 2 more | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3847, CVE-2013-3848, and CVE-2013-3849. | |||||
| CVE-2013-3891 | 1 Microsoft | 1 Word | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Memory Corruption Vulnerability." | |||||
| CVE-2013-3158 | 1 Microsoft | 1 Excel | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Excel 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | |||||
| CVE-2013-7018 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 6.8 MEDIUM | N/A |
| libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the use of valid code-block dimension values, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | |||||
| CVE-2010-3396 | 1 Kingsoft | 1 Kingsoft Antivirus | 2025-04-11 | 7.2 HIGH | N/A |
| Buffer overflow in kavfm.sys in Kingsoft Antivirus 2010.04.26.648 and earlier allows local users to execute arbitrary code via a long argument to IOCTL 0x80030004. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1159 | 2 Aircrack-ng, Gentoo | 2 Aircrack-ng, Linux | 2025-04-11 | 6.8 MEDIUM | N/A |
| Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet. | |||||
| CVE-2010-1899 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2025-04-11 | 4.3 MEDIUM | N/A |
| Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter Request Denial of Service Vulnerability." | |||||
| CVE-2012-3632 | 1 Apple | 2 Iphone Os, Itunes | 2025-04-11 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | |||||
| CVE-2012-0257 | 1 Invensys | 8 Archestra Application Object Toolkit, Foxboro Control Software, Infusion Control Edition and 5 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA Application Object Toolkit 3.2 and earlier, and InTouch 10.0 through 10.5 might allow remote attackers to execute arbitrary code via a long string to the Open member, leading to a function-pointer overwrite. | |||||
| CVE-2013-2794 | 1 Trianglemicroworks | 3 .net Communication Protocol Components, Ansi C Source Code Libraries, Scada Data Gateway | 2025-04-11 | 4.9 MEDIUM | N/A |
| Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line. | |||||
| CVE-2011-2096 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors. | |||||