Search
Total
6142 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-2023 | 1 Adobe | 2 Illustrator, Illustrator Cs5.5 | 2017-08-29 | 10.0 HIGH | N/A |
| Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2024, CVE-2012-2025, and CVE-2012-2026. | |||||
| CVE-2012-1465 | 1 Netmechanica | 1 Netdecision | 2017-08-29 | 4.3 MEDIUM | N/A |
| Stack-based buffer overflow in the HTTP Server in NetMechanica NetDecision before 4.6.1 allows remote attackers to cause a denial of service (application crash) via a long URL in an HTTP request. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-1222 | 1 Rabidhamster | 1 R2\/extreme | 2017-08-29 | 8.5 HIGH | N/A |
| Stack-based buffer overflow in RabidHamster R2/Extreme 1.65 and earlier allows remote authenticated users to execute arbitrary code via a long string to TCP port 23. | |||||
| CVE-2012-1176 | 1 Fribidi | 1 Pyfribidi | 2017-08-29 | 5.0 MEDIUM | N/A |
| Buffer overflow in the fribidi_utf8_to_unicode function in PyFriBidi before 0.11.0 allows remote attackers to cause a denial of service (application crash) via a 4-byte utf-8 sequence. | |||||
| CVE-2012-1181 | 1 Apache | 2 Http Server, Mod Fcgid | 2017-08-29 | 5.0 MEDIUM | N/A |
| fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process count higher than the intended limit. | |||||
| CVE-2012-1055 | 1 Pl32 | 1 Photoline | 2017-08-29 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in PhotoLine 17.01 and possibly other versions before 17.02 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment. | |||||
| CVE-2012-1052 | 1 Ivanview | 1 Ivanview | 2017-08-29 | 6.8 MEDIUM | N/A |
| Buffer overflow in IvanView 1.2.15 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment. | |||||
| CVE-2012-1051 | 1 Xnview | 1 Xnview | 2017-08-29 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in Xjp2.dll in the JPEG2000 plug-in in XnView 1.98.5 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment. | |||||
| CVE-2012-0985 | 1 Sony | 4 Smartwi Connection Utillity, Vaio Easy Connect, Vaio Pc Wireless Lan Wizard and 1 more | 2017-08-29 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00, 1.00_64, 1.0.1, 2.0, and 3.0; SmartWi Connection Utility 4.7, 4.7.4, 4.8, 4.9, 4.10, and 4.11; and VAIO Easy Connect software 1.0.0 and 1.1.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the second argument of the (1) SetTmpProfileOption or (2) ConnectToNetwork method. | |||||
| CVE-2012-0978 | 1 Luratech | 1 Lurawave Jp2 Browser Plug-in | 2017-08-29 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in npjp2.dll in LuraWave JP2 Browser Plug-In 1.1.1.11 and other versions before 2.1.1.11 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment. | |||||
| CVE-2012-0977 | 1 Luratech | 1 Lurawave Jp2 Activex Control | 2017-08-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in jp2_x.dll in LuraWave JP2 ActiveX Control 2.1.5.5 and other versions before 2.1.5.11 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment. | |||||
| CVE-2012-1184 | 1 Digium | 1 Asterisk | 2017-08-29 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the ast_parse_digest function in main/utils.c in Asterisk 1.8.x before 1.8.10.1 and 10.x before 10.2.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in an HTTP Digest Authentication header. | |||||
| CVE-2012-0897 | 1 Irfanview | 1 Irfanview | 2017-08-29 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment. | |||||
| CVE-2012-0852 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2017-08-29 | 6.8 MEDIUM | N/A |
| The adpcm_decode_frame function in adpcm.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an ADPCM file with the number of channels not equal to two. | |||||
| CVE-2012-0851 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2017-08-29 | 6.8 MEDIUM | N/A |
| The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted H.264 file, related to the chroma_format_idc value. | |||||
| CVE-2012-0848 | 1 Ffmpeg | 1 Ffmpeg | 2017-08-29 | 4.3 MEDIUM | N/A |
| Heap-based buffer overflow in the ws_snd_decode_frame function in libavcodec/ws-snd1.c in FFmpeg 0.9.1 allows remote attackers to cause a denial of service (application crash) via a crafted media file, related to an incorrect calculation, aka "wrong samples count." | |||||
| CVE-2012-0859 | 1 Ffmpeg | 1 Ffmpeg | 2017-08-29 | 6.8 MEDIUM | N/A |
| The render_line function in the vorbis codec (vorbis.c) in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Vorbis file, related to a large multiplier. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3893. | |||||
| CVE-2012-0762 | 1 Adobe | 1 Shockwave Player | 2017-08-29 | 10.0 HIGH | N/A |
| The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, CVE-2012-0761, CVE-2012-0763, CVE-2012-0764, and CVE-2012-0766. | |||||
| CVE-2012-0761 | 1 Adobe | 1 Shockwave Player | 2017-08-29 | 10.0 HIGH | N/A |
| The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, CVE-2012-0762, CVE-2012-0763, CVE-2012-0764, and CVE-2012-0766. | |||||
| CVE-2012-2108 | 1 Csounds | 1 Csound | 2017-08-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file. | |||||
| CVE-2012-0275 | 1 Adobe | 2 Photoshop Cs5.5, Photoshop Cs6 | 2017-08-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Photoshop.exe in Adobe Photoshop CS5 12.x before 12.0.5, CS5.1 12.1.x before 12.1.1, and CS6 13.x before 13.0.1 allows remote attackers to execute arbitrary code via a crafted TIFF image with SGI24LogLum compression. | |||||
| CVE-2012-0284 | 1 Cisco | 2 Linksys Playerpt Activex Control, Wvc200 Wireless-g Ptz Internet Video Camera | 2017-08-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1.0.0.15 in PlayerPT.ocx on the Cisco WVC200 Wireless-G PTZ Internet video camera allows remote attackers to execute arbitrary code via a long URL in the first argument (aka the sURL argument). | |||||
| CVE-2012-0273 | 1 Hans Alshoff | 1 Minalic | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in MinaliC 2.0.0 allow remote attackers to execute arbitrary code via a (1) session_id cookie in a request to the get_cookie_value function in response.c, (2) directory name in a request to the add_default_file function in response.c, or (3) file name in a request to the retrieve_physical_file_name_or_brows function in response.c. | |||||
| CVE-2012-0266 | 1 Ntrglobal | 1 Ntr Activex Control | 2017-08-29 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the NTR ActiveX control before 2.0.4.8 allow remote attackers to execute arbitrary code via (1) a long bstrUrl parameter to the StartModule method, (2) a long bstrParams parameter to the Check method, a long bstrUrl parameter to the (3) Download or (4) DownloadModule method during construction of a .ntr pathname, or a long bstrUrl parameter to the (5) Download or (6) DownloadModule method during construction of a URL. | |||||
| CVE-2012-0227 | 2 Componentone, Opcsystems | 2 Flexgrid, Opcsystems.net | 2017-08-29 | 9.3 HIGH | N/A |
| Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method. | |||||
| CVE-2012-0202 | 1 Ibm | 1 Cognos Tm1 | 2017-08-29 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x and 9.5.x before 9.5.2 FP2 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted data. | |||||
| CVE-2012-0201 | 1 Ibm | 1 Personal Communications | 2017-08-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in pcspref.dll in pcsws.exe in IBM Personal Communications 5.9.x before 5.9.8 and 6.0.x before 6.0.4 might allow remote attackers to execute arbitrary code via a long profile string in a WorkStation (aka .ws) file. | |||||
| CVE-2012-0065 | 1 Nikias Bassen | 1 Usbmuxd | 2017-08-29 | 4.6 MEDIUM | N/A |
| Heap-based buffer overflow in the receive_packet function in libusbmuxd/libusbmuxd.c in usbmuxd 1.0.5 through 1.0.7 allows physically proximate attackers to execute arbitrary code via a long SerialNumber field in a property list. | |||||
| CVE-2012-0029 | 1 Kvm Group | 1 Qemu-kvm | 2017-08-29 | 7.4 HIGH | N/A |
| Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. | |||||
| CVE-2011-5227 | 1 Enterasys | 1 Netsight | 2017-08-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the Syslog service (nssyslogd.exe) in Enterasys Network Management Suite (NMS) before 4.1.0.80 allows remote attackers to execute arbitrary code via a long PRIO field in a message to UDP port 514. | |||||
| CVE-2011-5202 | 1 Sysprogs | 1 Wincdemu | 2017-08-29 | 2.1 LOW | N/A |
| BazisVirtualCDBus.sys in WinCDEmu 3.6 allows local users to cause a denial of service (system crash) via the unmount command to batchmnt.exe. | |||||
| CVE-2011-5233 | 1 Irfanview | 1 Irfanview | 2017-08-29 | 4.3 MEDIUM | N/A |
| Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary code via crafted "Rows Per Strip" and "Samples Per Pixel" values in a TIFF image file. | |||||
| CVE-2011-5173 | 1 Bugbear | 1 Flatout | 2017-08-29 | 6.8 MEDIUM | N/A |
| Buffer overflow in Bugbear Entertainment FlatOut 2005 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field in a bed file. | |||||
| CVE-2011-5172 | 1 Powerproduction | 1 Storyboard Quick | 2017-08-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in StoryBoard Quick 6 Build 3786, and possibly StoryBoard Artist and StoryBoard Studio, allows remote attackers to execute arbitrary code via a long string in the string element field in a frame xml file. | |||||
| CVE-2011-5171 | 1 Cyberlink | 1 Power2go | 2017-08-29 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in CyberLink Power2Go 7 (build 196) and 8 (build 1031) allow remote attackers to execute arbitrary code via the (1) src and (2) name parameters in a p2g project file. | |||||
| CVE-2011-5170 | 1 Castillobueno | 1 Ccmplayer | 2017-08-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Castillo Bueno Systems CCMPlayer 1.5 allows remote attackers to execute arbitrary code via a long track name in an m3u playlist. | |||||
| CVE-2011-5167 | 2 Oracle, Tidestone | 2 Hyperion Strategic Finance, Formula One Activex Control | 2017-08-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control (TTF16.ocx) 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code via a long string to the DriverName parameter. | |||||
| CVE-2011-5166 | 1 Elif Keir | 1 Knftp | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, (21) NLST, (22) SITE, (23) STST, (24) HELP, (25) NOOP, (26) MKD, (27) RMD, (28) PWD, (29) CDUP, (30) STOU, (31) SNMT, (32) SYST, and (33) XPWD commands. | |||||
| CVE-2011-5162 | 1 Gomlab | 1 Gom Player | 2017-08-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in GOM Player 2.1.33.5071 allows user-assisted remote attackers to execute arbitrary code via a .ASX file with a long URI in the "ref href" tag. NOTE: this issue exists because of a CVE-2007-0707 regression. | |||||
| CVE-2011-5089 | 1 Iconics | 2 Bizviz, Genesis32 | 2017-08-29 | 10.0 HIGH | N/A |
| Buffer overflow in the Security Login ActiveX controls in ICONICS GENESIS32 8.05, 9.0, 9.1, and 9.2 and BizViz 8.05, 9.0, 9.1, and 9.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long password. | |||||
| CVE-2011-5052 | 1 Cocsoft | 1 Stream Down | 2017-08-29 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in CoCSoft Stream Down 6.8.0 allows remote web servers to execute arbitrary code via a long response to a download request. | |||||
| CVE-2011-5012 | 1 Attachmate | 5 Reflection, Reflection 2008, Reflection 2008r1 and 2 more | 2017-08-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 before, Reflection 2011 R2 before 15.4.1.327, Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186, and Reflection 14.1 SP1 before 14.1.1.206, allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command. | |||||
| CVE-2011-5003 | 1 Avid | 1 Media Composer | 2017-08-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the Phonetic Indexer (AvidPhoneticIndexer.exe) in Avid Media Composer 5.5.3 and earlier allows remote attackers to execute arbitrary code via a long request to TCP port 4659. | |||||
| CVE-2011-4875 | 1 Siemens | 5 Simatic Hmi Panels, Wincc, Wincc Flexible and 2 more | 2017-08-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to execute arbitrary code via vectors related to Unicode strings. | |||||
| CVE-2011-5033 | 2 Configserver, Directadmin | 2 Configserver Security Firewall, Directadmin Server | 2017-08-29 | 4.4 MEDIUM | N/A |
| Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall (CSF) before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service (crash) via a long string in an admin.list file. | |||||
| CVE-2011-4537 | 1 7t | 1 Igss | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple buffer overflows in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9.0.0.11355 and earlier allow remote attackers to execute arbitrary code or cause a denial of service via a crafted packet to TCP port (1) 12397 or (2) 12399. | |||||
| CVE-2011-4162 | 1 Hp | 1 Protecttools Device Access Manager | 2017-08-29 | 7.5 HIGH | N/A |
| The (1) AddUser, (2) AddUserEx, (3) RemoveUser, (4) RemoveUserByGuide, (5) RemoveUserEx, and (6) RemoveUserRegardless methods in HP Protect Tools Device Access Manager (PTDAM) before 6.1.0.1 allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a long SidString argument. | |||||
| CVE-2011-4157 | 1 Hp | 3 Centralized Management Console Software, San\/iq, Storageworks P4000 Virtual San Appliance | 2017-08-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on the HP StorageWorks P4000 Virtual SAN Appliance allows remote attackers to execute arbitrary code via a crafted login request. | |||||
| CVE-2011-4055 | 1 Siemens | 1 Tecnomatix Factorylink | 2017-08-29 | 9.3 HIGH | N/A |
| Buffer overflow in the WebClient ActiveX control in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to execute arbitrary code via a long string in a parameter associated with the location URL. | |||||
| CVE-2011-4050 | 1 7t | 1 Igss | 2017-08-29 | 5.0 MEDIUM | N/A |
| Buffer overflow in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9.0.0.11200 allows remote attackers to cause a denial of service via a crafted packet to TCP port 12401. | |||||