Total
12362 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-2414 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2025-04-11 | 10.0 HIGH | N/A |
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2415. | |||||
CVE-2012-5947 | 1 Ibm | 1 Spss Samplepower | 2025-04-11 | 9.3 HIGH | N/A |
Buffer overflow in the vsflex7l ActiveX control in IBM SPSS SamplePower 3.0 before FP1 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
CVE-2009-4840 | 1 Roxio | 1 Cineplayer | 2025-04-11 | 9.3 HIGH | N/A |
Heap-based buffer overflow in the IAManager ActiveX control in IAManager.dll in Roxio CinePlayer 3.2 allows remote attackers to execute arbitrary code via a long argument to the SetIAPlayerName method. | |||||
CVE-2012-5671 | 1 Exim | 1 Exim | 2025-04-11 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server. | |||||
CVE-2010-0526 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | 4.3 MEDIUM | N/A |
Heap-based buffer overflow in QuickTimeMPEG.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted genl atom in a QuickTime movie file with MPEG encoding, which is not properly handled during decompression. | |||||
CVE-2011-0253 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||||
CVE-2011-5124 | 1 Bluecoat | 2 Proxyone, Proxysg | 2025-04-11 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG 4.2.3 through 6.1 and ProxyOne, allows remote attackers to execute arbitrary code via a large packet to the synchronization port (16102/tcp). | |||||
CVE-2011-0232 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||||
CVE-2010-3908 | 2 Ffmpeg, Mplayerhq | 2 Ffmpeg, Mplayer | 2025-04-11 | 6.8 MEDIUM | N/A |
FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file. | |||||
CVE-2010-1289 | 3 Adobe, Apple, Microsoft | 7 Shockwave Player, Macos, Windows and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291. | |||||
CVE-2011-4579 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | 4.3 MEDIUM | N/A |
The svq1_decode_frame function in the SVQ1 decoder (svq1dec.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (memory corruption) via a crafted SVQ1 stream, related to "dimensions changed." | |||||
CVE-2011-1222 | 2 Ibm, Microsoft | 3 Aix, Tivoli Storage Manager, Windows | 2025-04-11 | 7.2 HIGH | N/A |
Buffer overflow in the Journal Based Backup (JBB) feature in the backup-archive client in IBM Tivoli Storage Manager (TSM) before 5.4.3.4, 5.5.x before 5.5.3, 6.x before 6.1.4, and 6.2.x before 6.2.2 on Windows and AIX allows local users to gain privileges via unspecified vectors. | |||||
CVE-2012-0617 | 1 Apple | 2 Iphone Os, Itunes | 2025-04-11 | 9.3 HIGH | N/A |
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | |||||
CVE-2013-6029 | 1 Att | 1 Connect Participant Application | 2025-04-11 | 6.8 MEDIUM | N/A |
Stack-based buffer overflow in the AT&T Connect Participant Application before 9.5.51 on Windows allows remote attackers to execute arbitrary code via a malformed .SVT file. | |||||
CVE-2012-4335 | 1 Samsung | 1 Net-i Viewer | 2025-04-11 | 7.8 HIGH | N/A |
Samsung NET-i viewer 1.37.120316 allows remote attackers to cause a denial of service (infinite loop) via a negative size value in a TCP request to (1) NiwMasterService or (2) NiwStorageService. NOTE: some of these details are obtained from third party information. | |||||
CVE-2013-3474 | 1 Cisco | 1 Wireless Lan Controller | 2025-04-11 | 6.3 MEDIUM | N/A |
The Web Administrator Interface on Cisco Wireless LAN Controller (WLC) devices allows remote authenticated users to cause a denial of service (device crash) by leveraging membership in the Full Manager managers group, Read Only managers group, or Lobby Ambassador managers group, and sending a request that (1) lacks a parameter value or (2) contains a malformed parameter value, aka Bug IDs CSCuh14313, CSCuh14159, CSCuh14368, and CSCuh14436. | |||||
CVE-2011-2434 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-11 | 9.3 HIGH | N/A |
Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2437. | |||||
CVE-2013-0270 | 1 Openstack | 1 Keystone | 2025-04-11 | 5.0 MEDIUM | N/A |
OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant_name when requesting a token. | |||||
CVE-2013-1320 | 1 Microsoft | 1 Publisher | 2025-04-11 | 10.0 HIGH | N/A |
Buffer overflow in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Buffer Overflow Vulnerability." | |||||
CVE-2010-1831 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | 6.8 MEDIUM | N/A |
Buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code via a long name of an embedded font in a document. |