Search
Total
6142 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-2968 | 1 Ibm | 1 Sterling Control Center | 2017-08-29 | 6.3 MEDIUM | N/A |
| An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to cause a denial of service via a large file that lacks end-of-line characters. | |||||
| CVE-2013-0541 | 2 Ibm, Microsoft | 2 Websphere Application Server, Windows | 2017-08-29 | 1.9 LOW | N/A |
| Buffer overflow in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Windows, when a localOS registry is used in conjunction with WebSphere Identity Manger (WIM), allows local users to cause a denial of service (daemon crash) via unspecified vectors. | |||||
| CVE-2013-3464 | 1 Cisco | 1 Ios Xr | 2017-08-29 | 4.6 MEDIUM | N/A |
| Cisco IOS XR allows local users to cause a denial of service (Silicon Packet Processor memory corruption, improper mutex handling, and device reload) by starting an outbound flood of large ICMP Echo Request packets and stopping this with a CTRL-C sequence, aka Bug ID CSCui60347. | |||||
| CVE-2013-6411 | 1 Openttd | 1 Openttd | 2017-08-29 | 5.0 MEDIUM | N/A |
| The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map. | |||||
| CVE-2013-3474 | 1 Cisco | 1 Wireless Lan Controller | 2017-08-29 | 6.3 MEDIUM | N/A |
| The Web Administrator Interface on Cisco Wireless LAN Controller (WLC) devices allows remote authenticated users to cause a denial of service (device crash) by leveraging membership in the Full Manager managers group, Read Only managers group, or Lobby Ambassador managers group, and sending a request that (1) lacks a parameter value or (2) contains a malformed parameter value, aka Bug IDs CSCuh14313, CSCuh14159, CSCuh14368, and CSCuh14436. | |||||
| CVE-2013-3662 | 1 Google | 1 Sketchup | 2017-08-29 | 9.3 HIGH | N/A |
| Timbre SketchUp (formerly Google SketchUp) before 8 Maintenance 2 allows remote attackers to execute arbitrary code via a crafted color palette table in a MAC Pict texture, which triggers a stack-based buffer overflow. | |||||
| CVE-2013-2254 | 1 Apache | 2 Org.apache.sling.servlets.post, Sling | 2017-08-29 | 5.0 MEDIUM | N/A |
| The deepGetOrCreateNode function in impl/operations/AbstractCreateOperation.java in org.apache.sling.servlets.post.bundle 2.2.0 and 2.3.0 in Apache Sling does not properly handle a NULL value that returned when the session does not have permissions to the root node, which allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors. | |||||
| CVE-2013-4977 | 1 Hikvision | 2 Ds-2cd7153-e, Ds-2cd7153-e Firmware | 2017-08-29 | 10.0 HIGH | N/A |
| Buffer overflow in the RTSP Packet Handler in Hikvision DS-2CD7153-E IP camera with firmware 4.1.0 b130111 (Jan 2013), and possibly other devices, allows remote attackers to cause a denial of service (device crash and reboot) and possibly execute arbitrary code via a long string in the Range header field in an RTSP transaction. | |||||
| CVE-2013-3986 | 1 Ibm | 1 Lotus Sametime | 2017-08-29 | 4.3 MEDIUM | N/A |
| IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote attackers to cause a denial of service (WebPlayer Firefox extension crash) via a crafted Audio Visual (AV) session. | |||||
| CVE-2013-2962 | 1 Ibm | 1 Websphere Transformation Extender | 2017-08-29 | 4.9 MEDIUM | N/A |
| Buffer overflow in the Launcher in IBM WebSphere Transformation Extender 8.4.x before 8.4.0.4 allows local users to cause a denial of service (process crash or Admin Console command-stream outage) via unspecified vectors. | |||||
| CVE-2013-3928 | 1 Jpchacha | 1 Chasys Draw Ies | 2017-08-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the ReadFile function in flt_BMP.dll in Chasys Draw IES before 4.11.02 allows remote attackers to execute arbitrary code via crafted biPlanes and biBitCount fields in a BMP file. | |||||
| CVE-2013-5469 | 1 Cisco | 1 Ios | 2017-08-29 | 7.1 HIGH | N/A |
| The TCP implementation in Cisco IOS does not properly implement the transitions from the ESTABLISHED state to the CLOSED state, which allows remote attackers to cause a denial of service (flood of ACK packets) via a crafted series of ACK and FIN packets, aka Bug ID CSCtz14399. | |||||
| CVE-2013-2964 | 1 Ibm | 1 Tivoli Storage Manager | 2017-08-29 | 7.2 HIGH | N/A |
| Buffer overflow in dsmtca in IBM Tivoli Storage Manager (TSM) through 5.5.4.0, 6.1.0 through 6.1.5.4, 6.2.0 through 6.2.4.7, and 6.3.0 through 6.3.0.17 on UNIX and Linux allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2013-2576 | 1 B-e-soft | 1 Artweaver | 2017-08-29 | 6.8 MEDIUM | N/A |
| Buffer overflow in Artweaver before 3.1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted AWD file. | |||||
| CVE-2013-2577 | 1 Xnview | 1 Xnview | 2017-08-29 | 9.3 HIGH | N/A |
| Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file. | |||||
| CVE-2013-2298 | 1 Rom Walton | 1 Boinc | 2017-08-29 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the XML parser in BOINC 7.x allow attackers to have unspecified impact via a crafted XML file, related to the scheduler. | |||||
| CVE-2013-2691 | 1 Jetaudio | 1 Jetaudio | 2017-08-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the JetMPG.ax module in jetAudio 8.0.17 allows remote attackers to execute arbitrary code via a crafted MPEG2-TS video file, related to the MPEG2 transport stream. | |||||
| CVE-2013-6013 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2017-08-29 | 6.8 MEDIUM | N/A |
| Buffer overflow in the flow daemon (flowd) in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7-S2, 12.1.X44 before 12.1X44-D15, 12.1X45 before 12.1X45-D10 on SRX devices, when using telnet pass-through authentication on the firewall, might allow remote attackers to execute arbitrary code via a crafted telnet message. | |||||
| CVE-2013-1794 | 1 Openafs | 1 Openafs | 2017-08-29 | 6.5 MEDIUM | N/A |
| Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long fileserver ACL entry. | |||||
| CVE-2013-2019 | 1 Rom Walton | 1 Boinc | 2017-08-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in BOINC 6.10.58 and 6.12.34 allows remote attackers to have unspecified impact via multiple file_signature elements. | |||||
| CVE-2013-1605 | 1 Maygion | 1 Ip Camera Firmware | 2017-08-29 | 7.5 HIGH | N/A |
| Buffer overflow in MayGion IP Cameras with firmware before 2013.04.22 (05.53) allows remote attackers to execute arbitrary code via a long filename in a GET request. | |||||
| CVE-2013-5447 | 1 Ibm | 1 Forms Viewer | 2017-08-29 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in IBM Forms Viewer 4.x before 4.0.0.3 and 8.x before 8.0.1.1 allows remote attackers to execute arbitrary code via an XFDL form with a long fontname value. | |||||
| CVE-2013-6370 | 2 Fedoraproject, Json-c Project | 2 Fedora, Json-c | 2017-08-29 | 5.0 MEDIUM | N/A |
| Buffer overflow in the printbuf APIs in json-c before 0.12 allows remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2013-4694 | 1 Nullsoft | 1 Winamp | 2017-08-29 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk. | |||||
| CVE-2013-5387 | 1 Ibm | 1 Platform Symphony | 2017-08-29 | 4.3 MEDIUM | N/A |
| Buffer overflow in IBM Platform Symphony 5.2, 6.1, and 6.1.1 allows remote attackers to cause a denial of service (process crash or hang) via a malformed SOAP request with a large amount of request data. | |||||
| CVE-2013-4742 | 1 Netwin | 1 Surgeftp | 2017-08-29 | 7.5 HIGH | N/A |
| Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string within the authentication request. | |||||
| CVE-2013-4068 | 1 Ibm | 2 Lotus Domino, Lotus Inotes | 2017-08-29 | 7.1 HIGH | N/A |
| Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8. | |||||
| CVE-2013-0509 | 1 Ibm | 2 Tivoli Netcool Application Service Monitors, Tivoli Netcool System Service Monitors | 2017-08-29 | 7.6 HIGH | N/A |
| Buffer overflow in the Transaction MIB agent in IBM Tivoli Netcool System Service Monitors (SSM) and Application Service Monitors (ASM) 4.0.0 before FP14 allows remote attackers to execute arbitrary code via a SQL transaction with a long table name that is not properly handled by a packet decoder. | |||||
| CVE-2013-1864 | 3 Ekiga, Opalvoip, Suse | 4 Ekiga, Portable Tool Library, Suse Linux Enterprise Desktop and 1 more | 2017-08-29 | 4.3 MEDIUM | N/A |
| The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a "billion laughs attack." | |||||
| CVE-2013-5415 | 1 Ibm | 1 Rational Clearcase | 2017-08-29 | 7.2 HIGH | N/A |
| Buffer overflow in IBM Rational ClearCase through 7.1.2.12, 8.0.0.x before 8.0.0.9, and 8.0.1.x before 8.0.1.2 allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2013-0508 | 1 Ibm | 2 Tivoli Netcool Application Service Monitors, Tivoli Netcool System Service Monitors | 2017-08-29 | 7.6 HIGH | N/A |
| Multiple buffer overflows in IBM Tivoli Netcool System Service Monitors (SSM) and Application Service Monitors (ASM) 4.0.0 before FP14 and 4.0.1 before FP1 allow context-dependent attackers to execute arbitrary code or cause a denial of service via a long line in (1) hrfstable.idx, (2) hrdevice.idx, (3) hrstorage.idx, or (4) lotusmapfile in the SSM Config directory, or (5) .manifest.hive in the main agent directory. | |||||
| CVE-2013-0512 | 1 Ibm | 2 Rational Policy Tester, Security Appscan | 2017-08-29 | 4.3 MEDIUM | N/A |
| Stack-based buffer overflow in the Manual Explore browser plug-in for Firefox in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 allows remote attackers to cause a denial of service (plug-in crash) via a crafted web page. | |||||
| CVE-2013-0242 | 1 Gnu | 1 Glibc | 2017-08-29 | 5.0 MEDIUM | N/A |
| Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service (memory corruption and crash) via crafted multibyte characters. | |||||
| CVE-2013-4565 | 1 Debian | 1 Ppthtml | 2017-08-29 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the __OLEdecode function in ppthtml 0.5.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted .ppt file. | |||||
| CVE-2013-3663 | 1 Google | 1 Sketchup | 2017-08-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) before 8 Maintenance 3, allows remote attackers to execute arbitrary code via a crafted RLE8 compressed BMP. | |||||
| CVE-2013-2960 | 1 Ibm | 2 Application Manager For Smart Business, Tivoli Monitoring | 2017-08-29 | 5.0 MEDIUM | N/A |
| Buffer overflow in KDSMAIN in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allows remote attackers to cause a denial of service (segmentation fault) via a crafted http URL. | |||||
| CVE-2012-6128 | 1 Infradead | 1 Openconnect | 2017-08-29 | 5.0 MEDIUM | N/A |
| Multiple stack-based buffer overflows in http.c in OpenConnect before 4.08 allow remote VPN gateways to cause a denial of service (application crash) via a long (1) hostname, (2) path, or (3) cookie list in a response. | |||||
| CVE-2012-4886 | 1 Kingsoft | 1 Office 2012 | 2017-08-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in wpsio.dll in Kingsoft WPS Office 2012 possibly 8.1.0.3238 allows remote attackers to execute arbitrary code via a long BSTR string. | |||||
| CVE-2012-5947 | 1 Ibm | 1 Spss Samplepower | 2017-08-29 | 9.3 HIGH | N/A |
| Buffer overflow in the vsflex7l ActiveX control in IBM SPSS SamplePower 3.0 before FP1 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2012-4875 | 1 Artifex | 1 Gpl Ghostscript | 2017-08-29 | 9.3 HIGH | N/A |
| ** DISPUTED ** Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote attackers to execute arbitrary code via a long file name in a PostScript document. NOTE: as of 20120314, the developer was not able to reproduce the issue and disputed it. | |||||
| CVE-2012-5120 | 2 Google, Linux | 3 Chrome, V8, Linux Kernel | 2017-08-29 | 7.5 HIGH | N/A |
| Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, on 64-bit Linux platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to an array. | |||||
| CVE-2012-4857 | 1 Ibm | 1 Informix Dynamic Server | 2017-08-29 | 9.0 HIGH | N/A |
| Buffer overflow in IBM Informix 11.50 through 11.50.xC9W2 and 11.70 before 11.70.xC7 allows remote authenticated users to execute arbitrary code via a crafted SQL statement. | |||||
| CVE-2012-6553 | 1 Angusj | 1 Resource Hacker | 2017-08-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Resource Hacker 3.6.0.92 allows remote attackers to execute arbitrary code via a Portable Executable (PE) file with a resource section containing a string that has many tab or line feed characters. | |||||
| CVE-2012-5945 | 1 Ibm | 1 Spss Samplepower | 2017-08-29 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the Vsflex8l ActiveX control in IBM SPSS SamplePower 3.0 before FP1 allow remote attackers to execute arbitrary code via a long (1) ComboList or (2) ColComboList property value. | |||||
| CVE-2012-5946 | 1 Ibm | 1 Spss Samplepower | 2017-08-29 | 9.3 HIGH | N/A |
| Buffer overflow in the c1sizer ActiveX control in C1sizer.ocx in IBM SPSS SamplePower 3.0 before FP1 allows remote attackers to execute arbitrary code via a long TabCaption string. | |||||
| CVE-2012-5904 | 1 Irfanview | 1 Irfanview | 2017-08-29 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in IrfanView before 4.33 allows remote attackers to execute arbitrary code via a crafted RLE compressed bitmap file such as a DIB, RLE, or BMP image. | |||||
| CVE-2012-4894 | 1 Google | 1 Sketchup | 2017-08-29 | 9.3 HIGH | N/A |
| Google SketchUp before 8.0.14346 (aka 8 Maintenance 3) allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SKP file. | |||||
| CVE-2012-5115 | 2 Apple, Google | 2 Mac Os X, Chrome | 2017-08-29 | 7.5 HIGH | N/A |
| Google Chrome before 23.0.1271.64 on Mac OS X does not properly mitigate improper write behavior in graphics drivers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger "wild writes." | |||||
| CVE-2012-5953 | 1 Ibm | 1 Websphere Message Broker | 2017-08-29 | 4.3 MEDIUM | N/A |
| IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, and 8.0 before 8.0.0.2, when the Parse Query Strings option is enabled on an HTTPInput node, allows remote attackers to cause a denial of service (infinite loop) via a crafted query string. | |||||
| CVE-2012-5257 | 5 Adobe, Apple, Google and 2 more | 8 Adobe Air, Adobe Air Sdk, Flash Player and 5 more | 2017-08-29 | 10.0 HIGH | N/A |
| Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. | |||||