Search
Total
6142 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-4004 | 1 Cisco | 1 Webex Recording Format Player | 2012-04-06 | 9.3 HIGH | N/A |
| Buffer overflow in the ATAS32 processing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file. | |||||
| CVE-2011-3319 | 1 Cisco | 1 Webex Recording Format Player | 2012-04-06 | 9.3 HIGH | N/A |
| Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file. | |||||
| CVE-2011-4535 | 2 Craig Peterson, Scadatec | 3 Turbopower Abbrevia, Modbustagserver, Scadaphone | 2012-04-03 | 6.8 MEDIUM | N/A |
| Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ScadaPhone 5.3.11.1230 and earlier, ScadaTEC ModbusTagServer 4.1.1.81 and earlier, and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP file. | |||||
| CVE-2012-0222 | 1 Rockwellautomation | 2 Factorytalk, Rslogix 5000 | 2012-04-03 | 5.0 MEDIUM | N/A |
| The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk CPR9 through SR5 and RSLogix 5000 17 through 20 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted packet. | |||||
| CVE-2011-4045 | 1 Arcinfo | 3 Frontvue, Pcvue, Plantvue | 2012-04-03 | 4.3 MEDIUM | N/A |
| Buffer overflow in an unspecified ActiveX control in aipgctl.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to cause a denial of service via a crafted HTML document. | |||||
| CVE-2012-0764 | 1 Adobe | 1 Shockwave Player | 2012-03-21 | 10.0 HIGH | N/A |
| The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, and CVE-2012-0766. | |||||
| CVE-2009-3088 | 2 Ibm, Linux | 2 Tivoli Directory Server, Linux Kernel | 2012-03-20 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in ibmdiradm in IBM Tivoli Directory Server (TDS) 6.0 on Linux allows remote attackers to have an unspecified impact via unknown vectors that trigger heap corruption, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2009-0605 | 1 Linux | 1 Linux Kernel | 2012-03-19 | 4.9 MEDIUM | N/A |
| Stack consumption vulnerability in the do_page_fault function in arch/x86/mm/fault.c in the Linux kernel before 2.6.28.5 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via unspecified vectors that trigger page faults on a machine that has a registered Kprobes probe. | |||||
| CVE-2009-3234 | 1 Linux | 1 Linux Kernel | 2012-03-19 | 4.9 MEDIUM | N/A |
| Buffer overflow in the perf_copy_attr function in kernel/perf_counter.c in the Linux kernel 2.6.31-rc1 allows local users to cause a denial of service (crash) and execute arbitrary code via a "big size data" to the perf_counter_open system call. | |||||
| CVE-2011-3142 | 1 Wellintech | 1 Kingview | 2012-03-16 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in WellinTech KingView 6.52 and 6.53 allows remote attackers to execute arbitrary code via a long second argument to the ValidateUser method. | |||||
| CVE-2011-3141 | 1 Invensys | 1 Wonderware Inbatch | 2012-03-16 | 9.3 HIGH | N/A |
| Buffer overflow in the InBatch BatchField ActiveX control for Invensys Wonderware InBatch 8.1 SP1, 9.0, and 9.0 SP1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-4261 | 1 Realnetworks | 1 Realplayer | 2012-03-08 | 9.3 HIGH | N/A |
| RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted video dimensions in an MP4 file. | |||||
| CVE-2011-4244 | 1 Realnetworks | 1 Realplayer | 2012-03-08 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the RealVideo renderer in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-4245 | 1 Realnetworks | 1 Realplayer | 2012-03-08 | 10.0 HIGH | N/A |
| The RealVideo renderer in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2011-4034 | 1 Schneider-electric | 3 Citecthistorian, Citectscada Reports, Vijeo Historian | 2012-03-08 | 9.3 HIGH | N/A |
| Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors. | |||||
| CVE-2012-0397 | 1 Rsa | 1 Securid Software Token Converter | 2012-03-07 | 7.6 HIGH | N/A |
| Buffer overflow in EMC RSA SecurID Software Token Converter before 2.6.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2012-0766 | 1 Adobe | 1 Shockwave Player | 2012-02-25 | 10.0 HIGH | N/A |
| The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, and CVE-2012-0764. | |||||
| CVE-2011-4187 | 2 Microsoft, Novell | 2 Windows, Iprint | 2012-02-24 | 10.0 HIGH | N/A |
| Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a long realm field, a different vulnerability than CVE-2011-3173. | |||||
| CVE-2011-1914 | 1 Advantech | 3 Adam Opc Server, Modbus Rtu Opc Server, Modbus Tcp Opc Server | 2012-02-23 | 10.0 HIGH | N/A |
| Buffer overflow in the Advantech ADAM OLE for Process Control (OPC) Server ActiveX control in ADAM OPC Server before 3.01.012, Modbus RTU OPC Server before 3.01.010, and Modbus TCP OPC Server before 3.01.010 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-4185 | 2 Microsoft, Novell | 2 Windows, Iprint | 2012-02-22 | 10.0 HIGH | N/A |
| The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2008-2431 and CVE-2008-2436. | |||||
| CVE-2011-4186 | 2 Microsoft, Novell | 2 Windows, Iprint | 2012-02-22 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url, a different vulnerability than CVE-2011-1705. | |||||
| CVE-2011-5002 | 1 Finaldraft | 1 Finaldraft | 2012-02-17 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Final Draft 8 before 8.02 allow remote attackers to execute arbitrary code via a .fdx or .fdxt file with long (1) Word, (2) Transition, (3) Location, (4) Extension, (5) SceneIntro, (6) TimeOfDay, and (7) Character elements. | |||||
| CVE-2011-5006 | 1 Qqplayer | 1 Qqplayer | 2012-02-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in QQPlayer 3.2.845 allows remote attackers to execute arbitrary code via a crafted PnSize value in a MOV file. | |||||
| CVE-2012-0757 | 1 Adobe | 1 Shockwave Player | 2012-02-16 | 10.0 HIGH | N/A |
| The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, CVE-2012-0764, and CVE-2012-0766. | |||||
| CVE-2012-0763 | 1 Adobe | 1 Shockwave Player | 2012-02-16 | 10.0 HIGH | N/A |
| The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0764, and CVE-2012-0766. | |||||
| CVE-2012-0758 | 1 Adobe | 1 Shockwave Player | 2012-02-16 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2012-0760 | 1 Adobe | 1 Shockwave Player | 2012-02-16 | 10.0 HIGH | N/A |
| The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, CVE-2012-0764, and CVE-2012-0766. | |||||
| CVE-2011-2446 | 1 Adobe | 1 Shockwave Player | 2012-02-15 | 10.0 HIGH | N/A |
| The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2448. | |||||
| CVE-2011-2448 | 1 Adobe | 1 Shockwave Player | 2012-02-15 | 10.0 HIGH | N/A |
| The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2446. | |||||
| CVE-2011-2449 | 1 Adobe | 1 Shockwave Player | 2012-02-15 | 10.0 HIGH | N/A |
| The TextXtra module in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2011-2447 | 1 Adobe | 1 Shockwave Player | 2012-02-15 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2011-3490 | 1 Measuresoft | 1 Scadapro | 2012-02-14 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long command to port 11234, as demonstrated with the TF command. | |||||
| CVE-2011-2950 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2012-02-14 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in qcpfformat.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted QCP file. | |||||
| CVE-2011-2443 | 1 Adobe | 1 Photoshop Elements | 2012-02-14 | 9.3 HIGH | N/A |
| Multiple buffer overflows in Adobe Photoshop Elements 8.0 and earlier allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted (1) .grd or (2) .abr file, a related issue to CVE-2010-1296. | |||||
| CVE-2009-3999 | 1 Hp | 1 Power Manager | 2012-02-14 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter. | |||||
| CVE-2012-0395 | 1 Emc | 1 Networker | 2012-02-06 | 9.3 HIGH | N/A |
| Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-3874 | 1 Google | 1 Android | 2012-02-06 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in libsysutils in Android 2.2.x through 2.2.2 and 2.3.x through 2.3.6 allows user-assisted remote attackers to execute arbitrary code via an application that calls the FrameworkListener::dispatchCommand method with the wrong number of arguments, as demonstrated by zergRush to trigger a use-after-free error. | |||||
| CVE-2011-3448 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-02-03 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in CoreMedia in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. | |||||
| CVE-2012-0916 | 1 Renren | 1 Renren Talk | 2012-01-25 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in RenRen Talk 2.9 allows remote attackers to execute arbitrary code via a crafted image in a chat message, as demonstrated using a PNG file. | |||||
| CVE-2011-4134 | 1 Flexerasoftware | 1 Flexnet Publisher | 2012-01-20 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in lmadmin in Flexera FlexNet Publisher 11.10 (aka FlexNet License Server Manager) allows remote attackers to execute arbitrary code via a crafted 0x2f packet. | |||||
| CVE-2011-3343 | 1 Openttd | 1 Openttd | 2012-01-19 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file. | |||||
| CVE-2011-3342 | 1 Openttd | 1 Openttd | 2012-01-19 | 7.5 HIGH | N/A |
| Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame. | |||||
| CVE-2011-2685 | 1 Libreoffice | 1 Libreoffice | 2012-01-19 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file. | |||||
| CVE-2011-2778 | 1 Tor | 1 Tor | 2012-01-19 | 7.6 HIGH | N/A |
| Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by (1) establishing a SOCKS connection to SocksPort or (2) leveraging a SOCKS proxy configuration. | |||||
| CVE-2011-3223 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-01-14 | 6.8 MEDIUM | N/A |
| Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLIC movie file. | |||||
| CVE-2011-3222 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-01-14 | 6.8 MEDIUM | N/A |
| Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file. | |||||
| CVE-2011-3217 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-01-14 | 6.8 MEDIUM | N/A |
| MediaKit in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted disk image. | |||||
| CVE-2011-0229 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-01-14 | 6.8 MEDIUM | N/A |
| Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds memory access. | |||||
| CVE-2011-0230 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-01-14 | 7.5 HIGH | N/A |
| Buffer overflow in the ATSFontDeactivate API in Apple Type Services (ATS) in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | |||||
| CVE-2011-5059 | 1 Finaldraft | 1 Finaldraft | 2012-01-13 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Final Draft 8 before 8.02 allows remote attackers to execute arbitrary code via a crafted SmartType element, a different vulnerability than CVE-2011-5002. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||