Search
Total
11946 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-0266 | 1 Hp | 1 Openview Network Node Manager | 2017-08-17 | 10.0 HIGH | N/A |
| Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long nameParams parameter, a different vulnerability than CVE-2011-0267.2. | |||||
| CVE-2011-0267 | 1 Hp | 1 Openview Network Node Manager | 2017-08-17 | 10.0 HIGH | N/A |
| Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long (1) schdParams or (2) nameParams parameter, a different vulnerability than CVE-2011-0266. | |||||
| CVE-2011-0268 | 1 Hp | 1 Openview Network Node Manager | 2017-08-17 | 10.0 HIGH | N/A |
| Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long text1 parameter. | |||||
| CVE-2011-0269 | 1 Hp | 1 Openview Network Node Manager | 2017-08-17 | 10.0 HIGH | N/A |
| Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long schd_select1 parameter. | |||||
| CVE-2011-0273 | 1 Hp | 1 Openview Storage Data Protector Cell Manager | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in crs.exe in HP OpenView Storage Data Protector Cell Manager 6.11 allows remote attackers to execute arbitrary code via unspecified message types. | |||||
| CVE-2011-0310 | 1 Ibm | 1 Websphere Mq | 2017-08-17 | 6.8 MEDIUM | N/A |
| Buffer overflow in IBM WebSphere MQ 7.0 before 7.0.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted header field in a message. | |||||
| CVE-2011-0311 | 1 Ibm | 2 Java, Runtimes For Java Technology | 2017-08-17 | 3.5 LOW | N/A |
| The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted attribute length field in a class file, which triggers a buffer over-read. | |||||
| CVE-2011-0314 | 1 Ibm | 1 Websphere Mq | 2017-08-17 | 6.5 MEDIUM | N/A |
| Heap-based buffer overflow in IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 allows remote authenticated users to execute arbitrary code or cause a denial of service (queue manager crash) by inserting an invalid message into the queue. | |||||
| CVE-2011-0352 | 1 Cisco | 2 Linksys Wrt54gc Router, Linksys Wrt54gc Router Firmware | 2017-08-17 | 7.8 HIGH | N/A |
| Buffer overflow in the web-based management interface on the Cisco Linksys WRT54GC router with firmware before 1.06.1 allows remote attackers to cause a denial of service (device crash) via a long string in a POST request. | |||||
| CVE-2011-0341 | 2 Artifex, Mozilla | 2 Mupdf, Firefox | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the pdfmoz_onmouse function in apps/mozilla/moz_main.c in the MuPDF plug-in 2008.09.02 for Firefox allows remote attackers to execute arbitrary code via a crafted web site. | |||||
| CVE-2011-0344 | 1 Alcatel-lucent | 1 Omnipcx | 2017-08-17 | 5.8 MEDIUM | N/A |
| Multiple stack-based buffer overflows in unspecified CGI programs in the Unified Maintenance Tool web interface in the embedded web server in the Communication Server (CS) in Alcatel-Lucent OmniPCX Enterprise before R9.0 H1.301.50 allow remote attackers to execute arbitrary code via crafted HTTP headers. | |||||
| CVE-2011-0404 | 1 Netsupport | 1 Netsupport Manager Agent | 2017-08-17 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in NetSupport Manager Agent for Linux 11.00, for Solaris 9.50, and for Mac OS X 11.00 allows remote attackers to execute arbitrary code via a long control hostname to TCP port 5405, probably a different vulnerability than CVE-2007-5252. | |||||
| CVE-2011-0406 | 1 Wellintech | 1 Kingview | 2017-08-17 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a long request to TCP port 777. | |||||
| CVE-2011-0408 | 1 Libpng | 1 Libpng | 2017-08-17 | 6.8 MEDIUM | N/A |
| pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted palette-based PNG image that triggers a buffer overflow, related to the png_do_expand_palette function, the png_do_rgb_to_gray function, and an integer underflow. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2011-0427 | 1 Tor | 1 Tor | 2017-08-17 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-0454 | 1 Iij | 12 Seil\/b1, Seil\/b1 Firmware, Seil\/neu 2fe Plus and 9 more | 2017-08-17 | 8.3 HIGH | N/A |
| Buffer overflow in the PPP Access Concentrator (PPPAC) on the SEIL/x86 with firmware 1.00 through 1.61, SEIL/B1 with firmware 1.00 through 3.11, SEIL/X1 with firmware 1.00 through 3.11, SEIL/X2 with firmware 1.00 through 3.11, SEIL/Turbo with firmware 1.80 through 2.10, and SEIL/neu 2FE Plus with firmware 1.80 through 2.10 might allow remote attackers to execute arbitrary code via a PPPoE packet. | |||||
| CVE-2011-0488 | 2 Advantech, Indusoft | 2 Advantech Studio, Web Studio | 2017-08-17 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in NTWebServer.exe in the test web service in InduSoft NTWebServer, as distributed in Advantech Studio 6.1 and InduSoft Web Studio 7.0, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long request to TCP port 80. | |||||
| CVE-2011-0499 | 1 Verytools | 2 Videospirit Lite, Videospirit Pro | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in VideoSpirit Pro 1.6.8.1 and possibly earlier versions, and VideoSpirit Lite 1.4.0.1 and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a VideoSpirit project (.visprj) file containing a valitem element with a long "name" attribute. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2011-0517 | 1 Sielcosistemi | 1 Winlog Pro | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and earlier, when Run TCP/IP server is enabled, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted 0x02 opcode to TCP port 46823. | |||||
| CVE-2011-0520 | 1 Maradns | 1 Maradns | 2017-08-17 | 7.5 HIGH | N/A |
| The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long DNS hostname with a large number of labels, which triggers a heap-based buffer overflow. | |||||
| CVE-2011-0530 | 1 Wouter Verhelst | 1 Nbd | 2017-08-17 | 7.5 HIGH | N/A |
| Buffer overflow in the mainloop function in nbd-server.c in the server in Network Block Device (nbd) before 2.9.20 might allow remote attackers to execute arbitrary code via a long request. NOTE: this issue exists because of a CVE-2005-3534 regression. | |||||
| CVE-2011-0651 | 1 Icon-labs | 1 Iconfidant Ssl Server | 2017-08-17 | 7.5 HIGH | N/A |
| Buffer overflow in the key exchange functionality in Icon Labs Iconfidant SSL Server before 1.3.0 allows remote attackers to execute arbitrary code via a client master key packet in which the sum of unspecified length fields is greater than a certain value. | |||||
| CVE-2011-0900 | 1 Erick Woods | 1 Terminal Server Client | 2017-08-17 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the tsc_launch_remote function (src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a .RDP file with a long hostname argument. | |||||
| CVE-2011-0901 | 1 Erick Woods | 1 Terminal Server Client | 2017-08-17 | 6.8 MEDIUM | N/A |
| Multiple stack-based buffer overflows in the tsc_launch_remote function (src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly other versions, allow user-assisted remote attackers to execute arbitrary code via a .RDP file with a long (1) username, (2) password, or (3) domain argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2011-0904 | 1 David King | 1 Vino | 2017-08-17 | 3.5 LOW | N/A |
| The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions. | |||||
| CVE-2011-0905 | 1 David King | 1 Vino | 2017-08-17 | 3.5 LOW | N/A |
| The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via crafted dimensions in a framebuffer update request that triggers an out-of-bounds read operation. | |||||
| CVE-2011-1065 | 1 Pipi | 1 Pipi Player | 2017-08-17 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the PIPIWebPlayer ActiveX control (PIWebPlayer.ocx) in PIPI Player 2.8.0.0 allow remote attackers to execute arbitrary code via long arguments to the (1) PlayURL or (2) PlayURLWithLocalPlayer methods. | |||||
| CVE-2011-1179 | 2 Mozilla, Redhat | 2 Firefox, Spice-xpi | 2017-08-17 | 5.1 MEDIUM | N/A |
| The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to (1) plugin/nsScriptablePeer.cpp and (2) plugin/plugin.cpp, which trigger multiple uses of an uninitialized pointer. | |||||
| CVE-2010-2031 | 1 Kingsoft | 1 Webshield | 2017-08-17 | 7.2 HIGH | N/A |
| KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device. | |||||
| CVE-2010-2191 | 1 Php | 1 Php | 2017-08-17 | 6.4 MEDIUM | N/A |
| The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; the (5) ZEND_FETCH_RW, (6) ZEND_CONCAT, and (7) ZEND_ASSIGN_CONCAT opcodes; and the (8) ArrayObject::uasort method in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler. NOTE: vectors 2 through 4 are related to the call time pass by reference feature. | |||||
| CVE-2010-1597 | 1 Zipgenius | 1 Zipgenius | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in zgtips.dll in ZipGenius 6.3.1.2552 allows user-assisted remote attackers to execute arbitrary code via a ZIP file containing an entry with a long filename. | |||||
| CVE-2010-2587 | 1 Adobe | 1 Shockwave Player | 2017-08-17 | 9.3 HIGH | N/A |
| The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2588 and CVE-2010-4188. | |||||
| CVE-2010-2588 | 1 Adobe | 1 Shockwave Player | 2017-08-17 | 9.3 HIGH | N/A |
| The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2587 and CVE-2010-4188. | |||||
| CVE-2010-2602 | 1 Rim | 1 Blackberry Enterprise Server | 2017-08-17 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF document. | |||||
| CVE-2010-2604 | 1 Rim | 2 Blackberry Enterprise Server, Blackberry Enterprise Server Express | 2017-08-17 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server 4.1.3 through 5.0.2, and Enterprise Server Express 5.0.1 and 5.0.2, allow remote attackers to execute arbitrary code via a crafted PDF file. | |||||
| CVE-2010-1688 | 1 2brightsparks | 1 Syncback | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in 2BrightSparks SyncBack Freeware 3.2.20.0, and possibly other versions before 3.2.21, allows user-assisted remote attackers to execute arbitrary code via a long filename in a (1) .sps or (2) zip profile. | |||||
| CVE-2010-3042 | 1 Cisco | 2 Webex Advanced Recording Format Player, Webex Recording Format Player | 2017-08-17 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3043, and CVE-2010-3044. | |||||
| CVE-2010-2702 | 1 Epicgames | 6 Postal 2, Raven Shield, Swat 4 and 3 more | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in the UGameEngine::UpdateConnectingMessage function in the Unreal engine 1, 2, and 2.5, as used in multiple games including Unreal Tournament 2004, Unreal tournament 2003, Postal 2, Raven Shield, and SWAT4, when downloads are enabled, allows remote attackers to execute arbitrary code via a long LEVEL field in a WELCOME response to a download request. | |||||
| CVE-2010-3043 | 1 Cisco | 2 Webex Advanced Recording Format Player, Webex Recording Format Player | 2017-08-17 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3044. | |||||
| CVE-2010-0564 | 1 Trendmicro | 1 Officescan | 2017-08-17 | 5.0 MEDIUM | N/A |
| Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in OfficeScan 8.0 before SP1 Patch 5 - Build 3510, possibly tmufeng.dll before 3.0.0.1029, allows attackers to cause a denial of service (crash or OfficeScan hang) via unspecified vectors. NOTE: it is likely that this issue also affects tmufeng.dll before 2.0.0.1049 for OfficeScan 10.0. | |||||
| CVE-2010-0718 | 1 Microsoft | 1 Windows Media Player | 2017-08-17 | 4.3 MEDIUM | N/A |
| Buffer overflow in Microsoft Windows Media Player 9 and 11.0.5721.5145 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted .mpg file. | |||||
| CVE-2010-0919 | 1 Ibm | 3 Domino Web Access, Lotus Domino, Lotus Inotes | 2017-08-17 | 7.6 HIGH | N/A |
| Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ. | |||||
| CVE-2010-3044 | 1 Cisco | 2 Webex Advanced Recording Format Player, Webex Recording Format Player | 2017-08-17 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3043. | |||||
| CVE-2010-2709 | 1 Hp | 1 Openview Network Node Manager | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie. | |||||
| CVE-2010-1932 | 1 Xnview | 1 Xnview | 2017-08-17 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in XnView 1.97.4 and possibly earlier allows remote attackers to execute arbitrary code via a MultiBitMap (MBM) file with a Paint Data Section that contains a malformed Encoding field. | |||||
| CVE-2010-2004 | 1 Bsplayer | 1 Bs.player | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in BS.Global BS.Player 2.51 Build 1022 Free, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via the Skin parameter in the Options section of a skins file (.bsi), a different vulnerability than CVE-2009-1068. | |||||
| CVE-2010-2305 | 1 Symantec | 1 Sygate Personal Firewall | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in an ActiveX control in SSHelper.dll for Symantec Sygate Personal Firewall 5.6 build 2808 allows remote attackers to execute arbitrary code via a long third argument to the SetRegString method. | |||||
| CVE-2010-2701 | 1 Fathsoft | 1 Fathftp | 2017-08-17 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the FathFTP ActiveX control 1.7 allow remote attackers to execute arbitrary code via (1) the GetFromURL member or (2) a long argument to the RasIsConnected method. | |||||
| CVE-2010-2311 | 1 Power-tab | 1 Power Tab Editor | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Power Tab Editor 1.7 build 80 allows user-assisted remote attackers to execute arbitrary code via a .ptb file with a long font name. | |||||
| CVE-2010-2321 | 1 Adobe | 1 Indesign Cs3 | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in Adobe InDesign CS3 10.0 allows user-assisted remote attackers to execute arbitrary code via a crafted .indd file. | |||||