Search
Total
11946 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-0876 | 3 Apple, Ibm, Microsoft | 3 Mac Os X, Tivoli Storage Manager, Windows | 2017-08-29 | 2.1 LOW | N/A |
| Buffer overflow in the Java GUI Configuration Wizard and Preferences Editor in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.2.5.2, 6.3.x before 6.3.2, and 6.4.x before 6.4.2 on Windows and OS X allows local users to cause a denial of service (application crash or hang) via unspecified vectors. | |||||
| CVE-2014-0829 | 1 Ibm | 1 Rational Clearcase | 2017-08-29 | 6.5 MEDIUM | N/A |
| Multiple buffer overflows in IBM Rational ClearCase 7.x before 7.1.2.13, 8.0.0.x before 8.0.0.10, and 8.0.1.x before 8.0.1.3 allow remote authenticated users to obtain privileged access via unspecified vectors. | |||||
| CVE-2014-0895 | 1 Ibm | 1 Spss Samplepower | 2017-08-29 | 7.5 HIGH | N/A |
| Buffer overflow in the vsflex8l ActiveX control in IBM SPSS SamplePower 3.0.1 before FP1 3.0.1-IM-S3SAMPC-WIN32-FP001-IF02 allows remote attackers to execute arbitrary code via a crafted ComboList property value. | |||||
| CVE-2014-0550 | 5 Adobe, Apple, Google and 2 more | 7 Adobe Air, Adobe Air Sdk, Flash Player and 4 more | 2017-08-29 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555. | |||||
| CVE-2014-0978 | 1 Graphviz | 1 Graphviz | 2017-08-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file. | |||||
| CVE-2014-3442 | 1 Nullsoft | 1 Winamp | 2017-08-29 | 4.3 MEDIUM | N/A |
| Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s. | |||||
| CVE-2014-4350 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-29 | 6.8 MEDIUM | N/A |
| Buffer overflow in QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MIDI file. | |||||
| CVE-2014-3434 | 1 Symantec | 1 Endpoint Protection | 2017-08-29 | 6.9 MEDIUM | N/A |
| Buffer overflow in the sysplant driver in Symantec Endpoint Protection (SEP) Client 11.x and 12.x before 12.1 RU4 MP1b, and Small Business Edition before SEP 12.1, allows local users to execute arbitrary code via a long argument to a 0x00222084 IOCTL call. | |||||
| CVE-2014-3356 | 1 Cisco | 1 Ios Xe | 2017-08-29 | 7.8 HIGH | N/A |
| The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCue22753. | |||||
| CVE-2014-4393 | 1 Apple | 1 Mac Os X | 2017-08-29 | 10.0 HIGH | N/A |
| Buffer overflow in the shader compiler in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GLSL shader. | |||||
| CVE-2013-6748 | 1 Ibm | 1 Lotus Quickr For Domino | 2017-08-29 | 7.5 HIGH | N/A |
| Buffer overflow in the ActiveX control in qp2.cab in IBM Lotus Quickr for Domino 8.5.1 before 8.5.1.42-001b allows remote attackers to execute arbitrary code via a crafted HTML document, a different vulnerability than CVE-2013-6749. | |||||
| CVE-2014-0552 | 5 Adobe, Apple, Google and 2 more | 7 Adobe Air, Adobe Air Sdk, Flash Player and 4 more | 2017-08-29 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, and CVE-2014-0555. | |||||
| CVE-2014-0549 | 5 Adobe, Apple, Google and 2 more | 7 Adobe Air, Adobe Air Sdk, Flash Player and 4 more | 2017-08-29 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555. | |||||
| CVE-2014-0567 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2017-08-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0561. | |||||
| CVE-2014-0547 | 5 Adobe, Apple, Google and 2 more | 7 Adobe Air, Adobe Air Sdk, Flash Player and 4 more | 2017-08-29 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555. | |||||
| CVE-2014-0555 | 5 Adobe, Apple, Google and 2 more | 7 Adobe Air, Adobe Air Sdk, Flash Player and 4 more | 2017-08-29 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, and CVE-2014-0552. | |||||
| CVE-2014-4402 | 1 Apple | 1 Mac Os X | 2017-08-29 | 9.3 HIGH | N/A |
| An unspecified IOAcceleratorFamily function in Apple OS X before 10.9.5 lacks proper bounds checking on read operations, which allows attackers to execute arbitrary code in a privileged context via a crafted application. | |||||
| CVE-2014-0559 | 5 Adobe, Apple, Google and 2 more | 7 Adobe Air, Adobe Air Sdk, Flash Player and 4 more | 2017-08-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0556. | |||||
| CVE-2014-0556 | 5 Adobe, Apple, Google and 2 more | 7 Adobe Air, Adobe Air Sdk, Flash Player and 4 more | 2017-08-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0559. | |||||
| CVE-2014-1235 | 1 Graphviz | 1 Graphviz | 2017-08-29 | 6.8 MEDIUM | 7.8 HIGH |
| Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-0978. | |||||
| CVE-2013-6749 | 1 Ibm | 1 Lotus Quickr For Domino | 2017-08-29 | 7.5 HIGH | N/A |
| Buffer overflow in the ActiveX control in qp2.cab in IBM Lotus Quickr for Domino 8.5.1 before 8.5.1.42-001b allows remote attackers to execute arbitrary code via a crafted HTML document, a different vulnerability than CVE-2013-6748. | |||||
| CVE-2013-7246 | 1 Daum Communications | 1 Daumgame Activex Control | 2017-08-29 | 9.3 HIGH | N/A |
| Buffer overflow in the IconCreate method in an ActiveX control in the DaumGame ActiveX plugin 1.1.0.4 and 1.1.0.5 allows remote attackers to execute arbitrary code via a long string, as exploited in the wild in January 2014. | |||||
| CVE-2014-0397 | 1 Oracle | 1 Solaris | 2017-08-29 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in libXtsol in Oracle Solaris 10 and 11.1 have unspecified impact and attack vectors related to "Buffer errors." | |||||
| CVE-2014-3311 | 1 Cisco | 2 Webex Meeting Center, Webex Meetings Server | 2017-08-29 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in the file-sharing feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center allows remote attackers to execute arbitrary code via crafted data, aka Bug IDs CSCup62463 and CSCup58467. | |||||
| CVE-2013-7186 | 1 Steinberg | 1 Mymp3pro | 2017-08-29 | 9.3 HIGH | N/A |
| Buffer overflow in Steinberg MyMp3PRO 5.0 (Build 5.1.0.21) allows remote attackers to execute arbitrary code via a long string in a .m3u file. | |||||
| CVE-2013-7184 | 1 Gomlab | 1 Gom Player | 2017-08-29 | 4.3 MEDIUM | N/A |
| Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted AVI file. | |||||
| CVE-2014-3618 | 2 Canonical, Procmail | 2 Ubuntu Linux, Procmail | 2017-08-29 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes." | |||||
| CVE-2014-1387 | 1 Apple | 1 Safari | 2017-08-29 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. | |||||
| CVE-2014-1388 | 1 Apple | 1 Safari | 2017-08-29 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. | |||||
| CVE-2014-0494 | 1 Adobe | 1 Digital Editions | 2017-08-29 | 10.0 HIGH | N/A |
| Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. | |||||
| CVE-2013-7049 | 1 Znc | 1 Znc-msvc | 2017-08-29 | 4.3 MEDIUM | N/A |
| Stack-based buffer overflow in fish.cpp in the Fish plugin for ZNC, as used in ZNC for Windows (znc-msvc) 0.206 and earlier, allows remote attackers to cause a denial of service (crash) via a long string in a DH1080_INIT message. | |||||
| CVE-2013-6013 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2017-08-29 | 6.8 MEDIUM | N/A |
| Buffer overflow in the flow daemon (flowd) in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7-S2, 12.1.X44 before 12.1X44-D15, 12.1X45 before 12.1X45-D10 on SRX devices, when using telnet pass-through authentication on the firewall, might allow remote attackers to execute arbitrary code via a crafted telnet message. | |||||
| CVE-2013-6462 | 1 X | 1 Libxfont | 2017-08-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in a character name in a BDF font file. | |||||
| CVE-2013-4742 | 1 Netwin | 1 Surgeftp | 2017-08-29 | 7.5 HIGH | N/A |
| Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string within the authentication request. | |||||
| CVE-2013-4068 | 1 Ibm | 2 Lotus Domino, Lotus Inotes | 2017-08-29 | 7.1 HIGH | N/A |
| Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8. | |||||
| CVE-2013-5447 | 1 Ibm | 1 Forms Viewer | 2017-08-29 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in IBM Forms Viewer 4.x before 4.0.0.3 and 8.x before 8.0.1.1 allows remote attackers to execute arbitrary code via an XFDL form with a long fontname value. | |||||
| CVE-2013-4977 | 1 Hikvision | 2 Ds-2cd7153-e, Ds-2cd7153-e Firmware | 2017-08-29 | 10.0 HIGH | N/A |
| Buffer overflow in the RTSP Packet Handler in Hikvision DS-2CD7153-E IP camera with firmware 4.1.0 b130111 (Jan 2013), and possibly other devices, allows remote attackers to cause a denial of service (device crash and reboot) and possibly execute arbitrary code via a long string in the Range header field in an RTSP transaction. | |||||
| CVE-2013-5415 | 1 Ibm | 1 Rational Clearcase | 2017-08-29 | 7.2 HIGH | N/A |
| Buffer overflow in IBM Rational ClearCase through 7.1.2.12, 8.0.0.x before 8.0.0.9, and 8.0.1.x before 8.0.1.2 allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2013-6370 | 2 Fedoraproject, Json-c Project | 2 Fedora, Json-c | 2017-08-29 | 5.0 MEDIUM | N/A |
| Buffer overflow in the printbuf APIs in json-c before 0.12 allows remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2013-3986 | 1 Ibm | 1 Lotus Sametime | 2017-08-29 | 4.3 MEDIUM | N/A |
| IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote attackers to cause a denial of service (WebPlayer Firefox extension crash) via a crafted Audio Visual (AV) session. | |||||
| CVE-2013-4694 | 1 Nullsoft | 1 Winamp | 2017-08-29 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk. | |||||
| CVE-2013-4565 | 1 Debian | 1 Ppthtml | 2017-08-29 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the __OLEdecode function in ppthtml 0.5.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted .ppt file. | |||||
| CVE-2013-5387 | 1 Ibm | 1 Platform Symphony | 2017-08-29 | 4.3 MEDIUM | N/A |
| Buffer overflow in IBM Platform Symphony 5.2, 6.1, and 6.1.1 allows remote attackers to cause a denial of service (process crash or hang) via a malformed SOAP request with a large amount of request data. | |||||
| CVE-2013-3928 | 1 Jpchacha | 1 Chasys Draw Ies | 2017-08-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the ReadFile function in flt_BMP.dll in Chasys Draw IES before 4.11.02 allows remote attackers to execute arbitrary code via crafted biPlanes and biBitCount fields in a BMP file. | |||||
| CVE-2013-6411 | 1 Openttd | 1 Openttd | 2017-08-29 | 5.0 MEDIUM | N/A |
| The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outside of the map. | |||||
| CVE-2013-5469 | 1 Cisco | 1 Ios | 2017-08-29 | 7.1 HIGH | N/A |
| The TCP implementation in Cisco IOS does not properly implement the transitions from the ESTABLISHED state to the CLOSED state, which allows remote attackers to cause a denial of service (flood of ACK packets) via a crafted series of ACK and FIN packets, aka Bug ID CSCtz14399. | |||||
| CVE-2013-5351 | 1 Irfanview | 1 Irfanview | 2017-08-29 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code stream in a GIF file. | |||||
| CVE-2013-3026 | 1 Ibm | 1 Lotus Quickr For Domino | 2017-08-29 | 9.3 HIGH | N/A |
| Buffer overflow in the Lotus Quickr for Domino ActiveX control in qp2.cab in IBM Lotus Quickr 8.1 before FP 8.1.0.32-001a, 8.2 before FP 8.2.0.28-001a, and 8.5.1 before FP 8.5.1.39-002a for Domino allows remote attackers to execute arbitrary code via a crafted web site. | |||||
| CVE-2013-2962 | 1 Ibm | 1 Websphere Transformation Extender | 2017-08-29 | 4.9 MEDIUM | N/A |
| Buffer overflow in the Launcher in IBM WebSphere Transformation Extender 8.4.x before 8.4.0.4 allows local users to cause a denial of service (process crash or Admin Console command-stream outage) via unspecified vectors. | |||||
| CVE-2013-3474 | 1 Cisco | 1 Wireless Lan Controller | 2017-08-29 | 6.3 MEDIUM | N/A |
| The Web Administrator Interface on Cisco Wireless LAN Controller (WLC) devices allows remote authenticated users to cause a denial of service (device crash) by leveraging membership in the Full Manager managers group, Read Only managers group, or Lobby Ambassador managers group, and sending a request that (1) lacks a parameter value or (2) contains a malformed parameter value, aka Bug IDs CSCuh14313, CSCuh14159, CSCuh14368, and CSCuh14436. | |||||