Search
Total
6142 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-5349 | 1 Baidu | 1 Spark Browser | 2014-08-20 | 5.0 MEDIUM | N/A |
| Stack-based buffer overflow in Baidu Spark Browser 26.5.9999.3511 allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print JavaScript function. | |||||
| CVE-2014-2357 | 1 Subnet | 1 Substation Server | 2014-08-12 | 7.1 HIGH | N/A |
| The GPT library in the Telegyr 8979 Master Protocol application in SUBNET SubSTATION Server 2 before SSNET 2.12 HF18808 allows remote attackers to cause a denial of service (persistent service crash) via a long RTU-to-Master message. | |||||
| CVE-2013-3930 | 1 Coreftp | 1 Core Ftp | 2014-08-11 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Core FTP before 2.2 build 1785 allows remote FTP servers to execute arbitrary code via a crafted directory name in a CWD command reply. | |||||
| CVE-2014-3459 | 1 Solarwinds | 1 Network Configuration Manager | 2014-08-07 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in SolarWinds Network Configuration Manager (NCM) before 7.3 allows remote attackers to execute arbitrary code via the PEstrarg1 property. | |||||
| CVE-2014-4927 | 3 Acme, D-link, Netgear | 5 Micro Httpd, Dsl2740u, Dsl2750u and 2 more | 2014-07-25 | 7.8 HIGH | N/A |
| Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and DSL2740U and NetGear WGR614 and MR-ADSL-DG834 routers allows remote attackers to cause a denial of service (crash) via a long string in the URI in a GET request. | |||||
| CVE-2014-4501 | 3 Bfgminer, Cgminer Project, Sgminer Project | 3 Bfgminer, Cgminer, Sgminer | 2014-07-23 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 3.3.0 allow remote pool servers to have unspecified impact via a long URL in a client.reconnect stratum message to the (1) extract_sockaddr or (2) parse_reconnect functions in util.c. | |||||
| CVE-2014-3939 | 1 Autodesk | 1 Sketchbook Pro | 2014-07-23 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote attackers to execute arbitrary code via crafted layer bitmap data in a PXD file. | |||||
| CVE-2014-3891 | 1 Rimarts | 1 Becky\! Internet Mail | 2014-07-09 | 6.8 MEDIUM | N/A |
| Buffer overflow in RimArts Becky! Internet Mail before 2.68 allows remote POP3 servers to execute arbitrary code via a crafted response. | |||||
| CVE-2014-4646 | 1 Foxitsoftware | 1 Foxit Pdf Sdk Dll | 2014-07-08 | 6.8 MEDIUM | N/A |
| Buffer overflow in the FPDFBookmark_GetTitle method in Foxit PDF SDK DLL before 3.1.1.5005 allows context-dependent attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2010-5299 | 1 Microp Project | 1 Microp | 2014-06-30 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in MicroP 0.1.1.1600 allows remote attackers to execute arbitrary code via a crafted .mppl file. NOTE: it has been reported that the overflow is in the lpFileName parameter of the CreateFileA function, but the overflow is probably caused by a separate, unnamed function. | |||||
| CVE-2014-3788 | 1 Cogentdatahub | 1 Cogent Datahub | 2014-06-27 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the Web Server in Cogent Real-Time Systems Cogent DataHub before 7.3.5 allows remote attackers to execute arbitrary code via a negative value in the Content-Length field in a request. | |||||
| CVE-2014-4643 | 1 Coreftp | 1 Core Ftp | 2014-06-26 | 5.0 MEDIUM | N/A |
| Multiple heap-based buffer overflows in the client in Core FTP LE 2.2 build 1798 allow remote FTP servers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in a reply to a (1) USER, (2) PASS, (3) PASV, (4) SYST, (5) PWD, or (6) CDUP command. | |||||
| CVE-2014-3000 | 1 Freebsd | 1 Freebsd | 2014-06-21 | 7.8 HIGH | N/A |
| The TCP reassembly function in the inet module in FreeBSD 8.3 before p16, 8.4 before p9, 9.1 before p12, 9.2 before p5, and 10.0 before p2 allows remote attackers to cause a denial of service (undefined memory access and system crash) or possibly read system memory via multiple crafted packets, related to moving a reassemble queue entry to the segment list when the queue is full. | |||||
| CVE-2014-4044 | 1 Openafs | 1 Openafs | 2014-06-21 | 5.0 MEDIUM | N/A |
| OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests. | |||||
| CVE-2014-0510 | 1 Adobe | 1 Flash Player | 2014-06-21 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Adobe Flash Player 12.0.0.77 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Zeguang Zhao and Liang Chen during a Pwn2Own competition at CanSecWest 2014. | |||||
| CVE-2012-2052 | 1 Adobe | 2 Photoshop Cs5, Photoshop Cs5.1 | 2014-06-20 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the U3D.8BI library plugin in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 12.1.x before 12.1.1 allows remote attackers to execute arbitrary code via a long Collada asset element in a DAE file, as demonstrated by the cameraYFov value in the contributor comments element. | |||||
| CVE-2014-4334 | 1 Ubi | 1 Rayman Legends | 2014-06-20 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in Ubisoft Rayman Legends before 1.3.140380 allows remote attackers to execute arbitrary code via a long string in the "second connection" to TCP port 1001. | |||||
| CVE-2014-4174 | 1 Wireshark | 1 Wireshark | 2014-06-19 | 9.3 HIGH | N/A |
| wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x before 1.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted packet-trace file that includes a large packet. | |||||
| CVE-2014-4190 | 1 Huawei | 13 Campus Lsw S9700, Campus S2350, Campus S2750 and 10 more | 2014-06-18 | 7.8 HIGH | N/A |
| Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet. | |||||
| CVE-2010-5111 | 1 Echoping Project | 1 Echoping | 2014-06-17 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in readline.c in Echoping 6.0.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted reply in the (1) TLS_readline or (2) SSL_readline function, related to the EchoPingHttps Smokeping probe. | |||||
| CVE-2014-2004 | 1 Iij | 13 Seil\%2fb1 Firmware, Seil\%2fneu 2fe Plus Firmware, Seil\%2fturbo Firmware and 10 more | 2014-06-16 | 5.0 MEDIUM | N/A |
| The PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 routers 1.00 through 3.10, SEIL/X1 routers 1.00 through 4.50, SEIL/X2 routers 1.00 through 4.50, SEIL/B1 routers 1.00 through 4.50, SEIL/Turbo routers 1.80 through 2.17, and SEIL/neu 2FE Plus routers 1.80 through 2.17 allows remote attackers to cause a denial of service (session termination or concentrator outage) via a crafted TCP packet. | |||||
| CVE-2011-3625 | 2 Mplayer2, Ricardo Villalba | 2 Mplayer2, Smplayer | 2014-06-12 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the sub_read_line_sami function in subreader.c in MPlayer, as used in SMPlayer 0.6.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a SAMI subtitle file. | |||||
| CVE-2010-5300 | 1 Jzip | 1 Jzip | 2014-06-12 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in Jzip 1.3 through 2.0.0.132900 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file name in a zip archive. | |||||
| CVE-2014-3912 | 1 Samsung | 1 Ipolis Device Manager | 2014-06-06 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control in Samsung iPOLiS Device Manager before 1.8.7 allows remote attackers to execute arbitrary code via a long value. | |||||
| CVE-2011-5280 | 1 Rom Walton | 1 Boinc | 2014-06-03 | 5.0 MEDIUM | N/A |
| Multiple stack-based buffer overflows in BOINC 6.13.x allow remote attackers to cause a denial of service (crash) via a long trickle-up to (1) client/cs_trickle.cpp or (2) db/db_base.cpp. | |||||
| CVE-2014-3735 | 1 Intel | 1 Indeo Video | 2014-06-03 | 4.3 MEDIUM | N/A |
| ir41_32.ax 4.51.16.3 for Intel Indeo Video 4.5 allows remote attackers to cause a denial of service (crash) via a crafted .avi file. | |||||
| CVE-2014-0469 | 1 Debian | 1 Xbuffy | 2014-05-31 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in a certain Debian patch for xbuffy before 3.3.bl.3.dfsg-9 allows remote attackers to execute arbitrary code via the subject of an email, possibly related to indent subject lines. | |||||
| CVE-2014-3791 | 1 Efssoft | 1 Easy File Sharing Web Server | 2014-05-21 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6.8 allows remote attackers to execute arbitrary code via a long string in a cookie UserID parameter to vfolder.ghp. | |||||
| CVE-2014-3452 | 1 K-litecodec | 1 K-lite Codec | 2014-05-19 | 4.3 MEDIUM | N/A |
| Filters\LAV\avfilter-lav-4.dll in K-lite Codec 10.4.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .jpg file. | |||||
| CVE-2014-0782 | 1 Yokogawa | 15 B\/m9000 Vp, B\/m9000 Vp Software, B\/m9000cs and 12 more | 2014-05-19 | 8.3 HIGH | N/A |
| Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Functions package in Yokogawa CENTUM CS 1000, CENTUM CS 3000 Entry Class R3.09.50 and earlier, CENTUM VP R5.03.00 and earlier, CENTUM VP Entry Class R5.03.00 and earlier, Exaopc R3.71.02 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier allows remote attackers to execute arbitrary code via a crafted packet. | |||||
| CVE-2014-0511 | 1 Adobe | 1 Acrobat Reader | 2014-05-16 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Adobe Reader 11.0.06 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. | |||||
| CVE-2014-3441 | 1 Videolan | 1 Vlc Media Player | 2014-05-15 | 4.3 MEDIUM | N/A |
| codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file. | |||||
| CVE-2014-3443 | 1 Jetaudio | 1 Jetaudio | 2014-05-15 | 4.3 MEDIUM | N/A |
| JetMPAd.ax in JetAudio 8.1.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .ogg file. | |||||
| CVE-2014-0513 | 1 Adobe | 1 Illustrator | 2014-05-14 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Adobe Illustrator CS6 before 16.0.5 and 16.2.x before 16.2.2 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2014-0526 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2014-05-14 | 10.0 HIGH | N/A |
| Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and CVE-2014-0524. | |||||
| CVE-2014-0524 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2014-05-14 | 10.0 HIGH | N/A |
| Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and CVE-2014-0526. | |||||
| CVE-2014-0522 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2014-05-14 | 10.0 HIGH | N/A |
| Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0523, CVE-2014-0524, and CVE-2014-0526. | |||||
| CVE-2014-3243 | 1 Makina-corpus | 1 Soappy | 2014-05-13 | 5.0 MEDIUM | N/A |
| SOAPpy 0.12.5 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted SOAP request containing a large number of nested entity references. | |||||
| CVE-2013-4571 | 1 Mediawiki | 1 Mediawiki | 2014-05-12 | 7.5 HIGH | N/A |
| Buffer overflow in php-luasandbox in the Scribuntu extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 has unspecified impact and remote vectors. | |||||
| CVE-2012-0219 | 1 Dest-unreach | 1 Socat | 2014-05-10 | 6.2 MEDIUM | N/A |
| Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the READLINE address. | |||||
| CVE-2014-2136 | 1 Cisco | 2 Webex Advanced Recording Format Player, Webex Recording Format Player | 2014-05-08 | 9.3 HIGH | N/A |
| Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCui72223, CSCul01163, and CSCul01166. | |||||
| CVE-2014-2135 | 1 Cisco | 2 Webex Advanced Recording Format Player, Webex Recording Format Player | 2014-05-08 | 9.3 HIGH | N/A |
| Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCul87216 and CSCuj07603. | |||||
| CVE-2014-2134 | 1 Cisco | 2 Webex Advanced Recording Format Player, Webex Recording Format Player | 2014-05-08 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio channel in a .wrf file, aka Bug ID CSCuc39458. | |||||
| CVE-2014-2133 | 1 Cisco | 2 Webex Advanced Recording Format Player, Webex Recording Format Player | 2014-05-08 | 9.3 HIGH | N/A |
| Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file that triggers improper LZW decompression, aka Bug ID CSCuj87565. | |||||
| CVE-2014-2132 | 1 Cisco | 2 Webex Advanced Recording Format Player, Webex Recording Format Player | 2014-05-08 | 7.8 HIGH | N/A |
| Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768. | |||||
| CVE-2013-0930 | 1 Emc | 1 Alphastor | 2014-05-05 | 7.6 HIGH | N/A |
| Buffer overflow in Drive Control Program (DCP) in EMC AlphaStor 4.0 before build 814 allows remote attackers to execute arbitrary code via vectors involving a new device name. | |||||
| CVE-2014-2168 | 1 Cisco | 2 Telepresence Tc Software, Telepresence Te Software | 2014-05-02 | 7.6 HIGH | N/A |
| Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to execute arbitrary code via crafted DNS response packets, aka Bug ID CSCty44804. | |||||
| CVE-2014-2171 | 1 Cisco | 2 Telepresence Tc Software, Telepresence Te Software | 2014-05-02 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Cisco TelePresence TC Software 4.x through 6.x before 6.0.1 and TE Software 4.x and 6.0.x before 6.0.2 allows remote attackers to execute arbitrary code via crafted SIP packets, aka Bug ID CSCud81796. | |||||
| CVE-2014-2172 | 1 Cisco | 2 Telepresence Tc Software, Telepresence Te Software | 2014-05-02 | 6.6 MEDIUM | N/A |
| Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows local users to gain privileges by leveraging improper handling of the u-boot compiler flag for internal executable files, aka Bug ID CSCub67693. | |||||
| CVE-2014-1443 | 1 Coreftp | 1 Core Ftp | 2014-05-02 | 4.0 MEDIUM | N/A |
| Core FTP Server 1.2 before build 515 allows remote authenticated users to obtain sensitive information (password for the previous user) via a USER command with a specific length, possibly related to an out-of-bounds read. | |||||