Search
Total
6142 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1664 | 1 Google | 1 Chrome | 2017-09-19 | 5.0 MEDIUM | N/A |
| Google Chrome before 4.1.249.1064 does not properly handle HTML5 media, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2010-1608 | 1 Ibm | 1 Lotus Notes | 2017-09-19 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in IBM Lotus Notes 8.5 and 8.5fp1, and possibly other versions, allows remote attackers to execute arbitrary code via unknown attack vectors, as demonstrated by the vd_ln module in VulnDisco 9.0. NOTE: as of 20100222, this disclosure has no actionable information. However, because the VulnDisco author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2010-1560 | 1 Ibm | 1 Db2 | 2017-09-19 | 4.0 MEDIUM | N/A |
| Buffer overflow in the REPEAT function in IBM DB2 9.1 before FP9 allows remote authenticated users to cause a denial of service (trap) via unspecified vectors. NOTE: this might overlap CVE-2010-0462. | |||||
| CVE-2010-1527 | 1 Novell | 1 Iprint | 2017-09-19 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action. | |||||
| CVE-2010-1508 | 2 Apple, Microsoft | 2 Quicktime, Windows | 2017-09-19 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Track Header (aka tkhd) atoms. | |||||
| CVE-2010-1417 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2017-09-19 | 9.3 HIGH | N/A |
| The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via HTML content that contains multiple :after pseudo-selectors. | |||||
| CVE-2010-1410 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2017-09-19 | 9.3 HIGH | N/A |
| WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via an SVG document with nested use elements. | |||||
| CVE-2010-1399 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2017-09-19 | 9.3 HIGH | N/A |
| WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory during a selection change on a form input element, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document. | |||||
| CVE-2010-1241 | 3 Adobe, Apple, Microsoft | 3 Acrobat Reader, Mac Os X, Windows | 2017-09-19 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, aka FG-VD-10-005. | |||||
| CVE-2010-1212 | 1 Mozilla | 2 Firefox, Thunderbird | 2017-09-19 | 9.3 HIGH | N/A |
| js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) propagation of deep aborts in the TraceRecorder::record_JSOP_BINDNAME function, (2) depth handling in the TraceRecorder::record_JSOP_GETELEM function, and (3) tracing of out-of-range arguments in the TraceRecorder::record_JSOP_ARGSUB function. | |||||
| CVE-2010-1122 | 1 Mozilla | 1 Firefox | 2017-09-19 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.8 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly have unknown other impact via vectors that might involve compressed data, a different vulnerability than CVE-2010-1028. | |||||
| CVE-2010-0961 | 1 Ibm | 2 Aix, Vios | 2017-09-19 | 7.2 HIGH | N/A |
| Buffer overflow in qoslist in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2010-0960 | 1 Ibm | 2 Aix, Vios | 2017-09-19 | 7.2 HIGH | N/A |
| Buffer overflow in qosmod in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2010-0829 | 2 Jan-ake Larsson, Tug | 2 Dvipng, Tetex | 2017-09-19 | 4.3 MEDIUM | N/A |
| Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file. | |||||
| CVE-2010-0731 | 1 Gnu | 1 Gnutls | 2017-09-19 | 7.5 HIGH | N/A |
| The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cause a stack-based buffer overflow via a crafted X.509 certificate, related to extraction of a serial number. | |||||
| CVE-2009-4588 | 1 Awingsoft | 2 Awakening Winds3d Player, Awakening Winds3d Viewer | 2017-09-19 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the WindsPlayerIE.View.1 ActiveX control in WindsPly.ocx 3.5.0.0 Beta, 3.0.0.5, and earlier in AwingSoft Awakening Web3D Player and Winds3D Viewer allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long SceneUrl property value, a different vulnerability than CVE-2009-2386. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4553 | 1 Rjvmedia | 1 Irehearse | 2017-09-19 | 5.0 MEDIUM | N/A |
| Stack-based buffer overflow in iRehearse allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in a .m3u playlist file. | |||||
| CVE-2009-4549 | 1 Cdmi | 1 A2 Media Player Pro | 2017-09-19 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in A2 Media Player Pro 2.51 allows remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .m3l playlist file. | |||||
| CVE-2009-4376 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 9.3 HIGH | N/A |
| Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet. | |||||
| CVE-2009-4313 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2017-09-19 | 9.3 HIGH | N/A |
| ir32_32.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (heap corruption) or execute arbitrary code via malformed data in a stream in a media file, as demonstrated by an AVI file. | |||||
| CVE-2009-4248 | 3 Apple, Microsoft, Realnetworks | 6 Mac Os X, Windows, Helix Player and 3 more | 2017-09-19 | 9.3 HIGH | N/A |
| Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request. | |||||
| CVE-2009-4247 | 3 Apple, Microsoft, Realnetworks | 6 Mac Os X, Windows, Helix Player and 3 more | 2017-09-19 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an "array overflow." | |||||
| CVE-2009-4245 | 3 Apple, Microsoft, Realnetworks | 6 Mac Os X, Windows, Helix Player and 3 more | 2017-09-19 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp. | |||||
| CVE-2009-4107 | 1 Amplusnet | 1 Invisible Browsing | 2017-09-19 | 9.3 HIGH | N/A |
| Buffer overflow in Invisible Browsing 5.0.52 allows user-assisted remote attackers to execute arbitrary code via a crafted .ibkey file containing a long string. | |||||
| CVE-2009-4020 | 1 Linux | 1 Linux Kernel | 2017-09-19 | 7.8 HIGH | N/A |
| Stack-based buffer overflow in the hfs subsystem in the Linux kernel 2.6.32 allows remote attackers to have an unspecified impact via a crafted Hierarchical File System (HFS) filesystem, related to the hfs_readdir function in fs/hfs/dir.c. | |||||
| CVE-2009-4005 | 1 Linux | 1 Linux Kernel | 2017-09-19 | 7.2 HIGH | N/A |
| The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read. | |||||
| CVE-2009-3969 | 1 Faslo | 1 Faslo Player | 2017-09-19 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Faslo Player 7.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .m3u playlist file. | |||||
| CVE-2009-3976 | 1 Labtam-inc | 1 Proftp | 2017-09-19 | 9.3 HIGH | N/A |
| Buffer overflow in Labtam ProFTP 2.9 allows remote FTP servers to cause a denial of service (application crash) or execute arbitrary code via a long 220 reply (aka connection greeting or welcome message). | |||||
| CVE-2009-3947 | 1 Tandberg | 1 Tandberg Mxp Endpoints | 2017-09-19 | 9.3 HIGH | N/A |
| Buffer overflow in the FTP service on the Tandberg MXP F7.0 allows remote attackers to cause a denial of service (process crash or device reboot) or possibly execute arbitrary code via a long USER command, as demonstrated by a command ending with many space characters. | |||||
| CVE-2009-3863 | 1 Novell | 1 Groupwise | 2017-09-19 | 5.0 MEDIUM | N/A |
| Buffer overflow in the gxmim1.dll ActiveX control in Novell Groupwise Client 7.0.3.1294 allows remote attackers to cause a denial of service (application crash) via a long argument to the SetFontFace method. | |||||
| CVE-2009-3859 | 1 Eeye | 2 Retina Network Security Scanner, Retina Wifi Scanner | 2017-09-19 | 9.3 HIGH | N/A |
| Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in Retina Network Security Scanner 5.10.14, allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .rws file with a long RWS010 entry. | |||||
| CVE-2009-3857 | 1 Softonic | 1 Scite | 2017-09-19 | 4.3 MEDIUM | N/A |
| Buffer overflow in Softonic International SciTE 1.72 allows user-assisted remote attackers to cause a denial of service (application crash) via a Ruby (.rb) file containing a long string, which triggers the crash when a scroll bar is used. | |||||
| CVE-2009-3812 | 1 Otslabs | 3 Otsav Dj, Otsav Radio, Otsav Tv | 2017-09-19 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in OtsAV DJ trial version 1.85.64.0, Radio trial version 1.85.64.0, TV trial version 1.85.64.0, and Free version 1.77.001 allows remote attackers to execute arbitrary code via a long playlist in an Ots File List (.ofl) file. | |||||
| CVE-2009-3811 | 1 Assistanttools | 1 Music Tag Editor | 2017-09-19 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Music Tag Editor 1.61 build 212 allows remote attackers to execute arbitrary code via an MP3 file with a long ID3 tag. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3810 | 1 Acoustica | 1 Mp3 Audio Mixer | 2017-09-19 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Acoustica MP3 Audio Mixer 2.471 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in a .M3U playlist file. | |||||
| CVE-2009-3809 | 1 Acoustica | 1 Mp3 Audio Mixer | 2017-09-19 | 4.3 MEDIUM | N/A |
| Acoustica MP3 Audio Mixer 1.0 and possibly 2.471 allows remote attackers to cause a denial of service (crash) via a long string in a .sgp playlist file. | |||||
| CVE-2009-3807 | 1 Mixvibes | 1 Mixvibes | 2017-09-19 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in MixVibes 7.043 Pro allows remote attackers to cause a denial of service (crash) via a long string in a .vib file. | |||||
| CVE-2009-3717 | 1 Lucvil | 1 Patplayer | 2017-09-19 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in LucVil PatPlayer 3.9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URI in a playlist (.m3u) file. | |||||
| CVE-2009-3670 | 1 Ksplayer | 1 Ksp Sound Player | 2017-09-19 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in KSP Sound Player 2009 R2 and R2.1 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file. | |||||
| CVE-2009-3574 | 1 Tony Million | 1 Tuniac | 2017-09-19 | 9.3 HIGH | N/A |
| Tuniac 090517c allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long File1 argument in a .pls playlist file, possibly a buffer overflow. | |||||
| CVE-2009-3537 | 1 Epicdjsoftware | 1 Epicdj | 2017-09-19 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in EpicDJSoftware EpicDJ 1.3.9.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a (1) .m3u or (2) .mpl playlist file. | |||||
| CVE-2009-3546 | 2 Libgd, Php | 2 Gd Graphics Library, Php | 2017-09-19 | 9.3 HIGH | N/A |
| The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3536 | 1 Epicdjsoftware | 1 Epicvj | 2017-09-19 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in EpicDJSoftware EpicVJ 1.2.8.0 and 1.3.1.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a (1) .m3u or (2) .mpl playlist file. | |||||
| CVE-2009-3463 | 1 Adobe | 1 Shockwave Player | 2017-09-19 | 9.3 HIGH | N/A |
| Array index error in Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3429 | 1 Pirateradio | 1 Destiny Media Player | 2017-09-19 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Pirate Radio Destiny Media Player 1.61 allows remote attackers to execute arbitrary code via a long string in a .pls playlist file. | |||||
| CVE-2009-3428 | 1 Otbcode | 1 Easy Music Player | 2017-09-19 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Easy Music Player 1.0.0.2 allows remote attackers to execute arbitrary code via a crafted .wav file. | |||||
| CVE-2009-3431 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2017-09-19 | 5.0 MEDIUM | N/A |
| Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, 9.1.2, 9.1.1, and earlier 9.x versions; 8.1.6 and earlier 8.x versions; and possibly 7.1.4 and earlier 7.x versions allows remote attackers to cause a denial of service (application crash) via a PDF file with a large number of [ (open square bracket) characters in the argument to the alert method. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3364 | 1 Ftpshell | 1 Ftpshell | 2017-09-19 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in FTPShell Client 4.1 RC2 allows remote FTP servers to execute arbitrary code via a long response to a PASV command. | |||||
| CVE-2009-3329 | 1 Exeter | 1 Winplot | 2017-09-19 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Winplot 1.25.0.1 allows user-assisted remote attackers to execute arbitrary code via a crafted Plot2D (.wp2) file. | |||||
| CVE-2009-3338 | 1 Effectmatrix | 1 Magic Morph | 2017-09-19 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in EffectMatrix (E.M.) Magic Morph 1.95b allows remote attackers to execute arbitrary code via a long string in a .mor file. | |||||