Total
2551 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-2902 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the XSLT ProcessingInstruction implementation in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to an applyXSLTransform call involving (1) an HTML document or (2) an xsl:processing-instruction element that is still in the process of loading. | |||||
| CVE-2012-2210 | 1 Sony | 1 Bravia Tv | 2025-04-11 | 7.8 HIGH | N/A |
| The Sony Bravia TV KDL-32CX525 allows remote attackers to cause a denial of service (configuration outage or device crash) via a flood of TCP SYN packets, as demonstrated by hping, a related issue to CVE-1999-0116. | |||||
| CVE-2010-4150 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | N/A |
| Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2010-1939 | 2 Apple, Microsoft | 2 Safari, Windows | 2025-04-11 | 7.6 HIGH | N/A |
| Use-after-free vulnerability in Apple Safari 4.0.5 on Windows allows remote attackers to execute arbitrary code by using window.open to create a popup window for a crafted HTML document, and then calling the parent window's close method, which triggers improper handling of a deleted window object. | |||||
| CVE-2011-0094 | 1 Microsoft | 6 Internet Explorer, Windows 2003 Server, Windows Server 2003 and 3 more | 2025-04-11 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layouts Handling Memory Corruption Vulnerability." | |||||
| CVE-2012-2133 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 4.0 MEDIUM | N/A |
| Use-after-free vulnerability in the Linux kernel before 3.3.6, when huge pages are enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges by interacting with a hugetlbfs filesystem, as demonstrated by a umount operation that triggers improper handling of quota data. | |||||
| CVE-2010-1414 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the removeChild DOM method. | |||||
| CVE-2010-4670 | 1 Cisco | 4 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 1 more | 2025-04-11 | 7.8 HIGH | N/A |
| The Neighbor Discovery (ND) protocol implementation in the IPv6 stack on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier, and Cisco PIX Security Appliances devices, allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti24526. | |||||
| CVE-2013-4375 | 2 Qemu, Xen | 2 Qemu, Xen | 2025-04-11 | 2.7 LOW | N/A |
| The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors. | |||||
| CVE-2013-3386 | 1 Cisco | 3 Content Security Management, Email Security Appliance Firmware, Ironport Asyncos | 2025-04-11 | 7.8 HIGH | N/A |
| The IronPort Spam Quarantine (ISQ) component in the web framework in IronPort AsyncOS on Cisco Email Security Appliance devices before 7.1.5-106 and 7.3, 7.5, and 7.6 before 7.6.3-019 and Content Security Management Appliance devices before 7.9.1-102 and 8.0 before 8.0.0-404 allows remote attackers to cause a denial of service (service crash or hang) via a high rate of TCP connection attempts, aka Bug IDs CSCzv25573 and CSCzv81712. | |||||
| CVE-2011-3318 | 1 Cisco | 4 Video Surveillance 2421, Video Surveillance 2500, Video Surveillance 2600 and 1 more | 2025-04-11 | 7.8 HIGH | N/A |
| Cisco Video Surveillance 2421 and 2500 series cameras with software 1.1.x and 2.x before 2.4.0 and Video Surveillance 2600 series cameras with software before 4.2.0-13 allow remote attackers to cause a denial of service (device reload) by sending crafted RTSP packets over TCP, aka Bug IDs CSCtj96312, CSCtj39462, and CSCtl80175. | |||||
| CVE-2013-6479 | 1 Pidgin | 1 Pidgin | 2025-04-11 | 5.0 MEDIUM | N/A |
| util.c in libpurple in Pidgin before 2.10.8 does not properly allocate memory for HTTP responses that are inconsistent with the Content-Length header, which allows remote HTTP servers to cause a denial of service (application crash) via a crafted response. | |||||
| CVE-2013-0920 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the extension bookmarks API in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-0346 | 1 Microsoft | 7 Internet Explorer, Windows 2003 Server, Windows 7 and 4 more | 2025-04-11 | 9.3 HIGH | 8.1 HIGH |
| Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the DOM implementation and the BreakAASpecial and BreakCircularMemoryReferences functions, as demonstrated by cross_fuzz, aka "MSHTML Memory Corruption Vulnerability." | |||||
| CVE-2009-4875 | 1 Frederico Caldeira Knabben | 1 Fckeditor.java | 2025-04-11 | 5.0 MEDIUM | N/A |
| FCKeditor.Java 2.4 allows remote attackers to cause a denial of service (infinite loop) via a malformed request parameter that contains "ctrl" characters. | |||||
| CVE-2011-3296 | 1 Cisco | 3 Catalyst 6500, Catalyst 7600, Firewall Services Module Software | 2025-04-11 | 7.8 HIGH | N/A |
| Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7), when IPv6 is used, allows remote attackers to cause a denial of service (memory corruption and module crash or hang) via vectors that trigger syslog message 302015, aka Bug ID CSCti83875. | |||||
| CVE-2010-0294 | 1 Tuxfamily | 1 Chrony | 2025-04-11 | 5.0 MEDIUM | N/A |
| chronyd in Chrony before 1.23.1, and possibly 1.24-pre1, generates a syslog message for each unauthorized cmdmon packet, which allows remote attackers to cause a denial of service (disk consumption) via a large number of invalid packets. | |||||
| CVE-2012-0025 | 1 Irfanview | 1 Flashpix Plugin | 2025-04-11 | 6.8 MEDIUM | N/A |
| Double free vulnerability in the Free_All_Memory function in jpeg/dectile.c in libfpx before 1.3.1-1, as used in the FlashPix PlugIn 4.2.2.0 for IrfanView, allows remote attackers to cause a denial of service (crash) via a crafted FPX image. | |||||
| CVE-2011-1651 | 1 Cisco | 1 Ios Xr | 2025-04-11 | 7.8 HIGH | N/A |
| Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCto45095. | |||||
| CVE-2013-0787 | 1 Mozilla | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call. | |||||