Search
Total
11946 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-5327 | 1 Adobe | 1 Robohelp | 2013-10-10 | 10.0 HIGH | N/A |
| MDBMS.dll in Adobe RoboHelp 10 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2013-2794 | 1 Trianglemicroworks | 3 .net Communication Protocol Components, Ansi C Source Code Libraries, Scada Data Gateway | 2013-10-08 | 4.9 MEDIUM | N/A |
| Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line. | |||||
| CVE-2013-5715 | 1 Gomlab | 1 Gom Player | 2013-10-08 | 10.0 HIGH | N/A |
| Buffer overflow in Gretech GOM Media Player before 2.2.53.5169 has unspecified impact and attack vectors. | |||||
| CVE-2013-4679 | 1 Symantec | 1 Workspace Virtualization | 2013-10-07 | 6.6 MEDIUM | N/A |
| Symantec Workspace Virtualization before 6.x before 6.4.1953.0, when a virtual application layer is configured, allows local users to gain privileges via an application that performs crafted interaction with the operating system. | |||||
| CVE-2013-4986 | 1 Iconcool | 1 Pdfcool Studio | 2013-10-07 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in PDFAX0722_IconCool.dll 7.22.1125.2121 in IconCool PDFCool Studio 3.32 Build 130330 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file. | |||||
| CVE-2013-3582 | 1 Dell | 22 Latitude D530, Latitude D531, Latitude D630 and 19 more | 2013-10-07 | 7.6 HIGH | N/A |
| Buffer overflow in Dell BIOS on Dell Latitude D###, E####, XT2, and Z600 devices, and Dell Precision M#### devices, allows local users to bypass intended BIOS signing requirements and install arbitrary BIOS images by leveraging administrative privileges and providing a crafted rbu_packet.pktNum value in conjunction with a crafted rbu_packet.pktSize value. | |||||
| CVE-2013-2808 | 1 Philips | 4 Xper Flex Cardio, Xper Information Management Physiomonitoring 5, Xper Information Management Vascular Monitoring 5 and 1 more | 2013-10-07 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Xper in Philips Xper Information Management Physiomonitoring 5 components, Xper Information Management Vascular Monitoring 5 components, and Xper Information Management servers and workstations for Flex Cardio products before XperConnect 1.5.4.053 SP2 allows remote attackers to execute arbitrary code via a crafted HTTP request to the Connect broker on TCP port 6000. | |||||
| CVE-2013-2197 | 2 Drupal, Login Security Project | 2 Drupal, Login Security | 2013-10-07 | 4.3 MEDIUM | N/A |
| The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal, when using the login delay option, allows remote attackers to cause a denial of service (CPU consumption) via a large number of failed login attempts. | |||||
| CVE-2013-0742 | 1 Corel | 1 Pdf Fusion | 2013-10-07 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long ZIP directory entry name in an XPS file. | |||||
| CVE-2012-1804 | 1 Progea | 1 Movicon | 2013-10-03 | 7.8 HIGH | N/A |
| The OPC server in Progea Movicon before 11.3 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted HTTP request. | |||||
| CVE-2012-4715 | 1 Rockwellautomation | 1 Rslinx Enterprise | 2013-10-02 | 10.0 HIGH | N/A |
| Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a UDP packet with a certain integer length value that is (1) too large or (2) too small, leading to improper handling by Logger.dll. | |||||
| CVE-2013-4239 | 1 Redhat | 1 Libvirt | 2013-10-01 | 4.0 MEDIUM | N/A |
| The xenDaemonListDefinedDomains function in xen/xend_internal.c in libvirt 1.1.1 allows remote authenticated users to cause a denial of service (memory corruption and crash) via vectors involving the virConnectListDefinedDomains API function. | |||||
| CVE-2013-1026 | 1 Apple | 2 Iphone Os, Mac Os X | 2013-09-27 | 6.8 MEDIUM | N/A |
| Buffer overflow in ImageIO in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document. | |||||
| CVE-2013-1025 | 1 Apple | 2 Iphone Os, Mac Os X | 2013-09-27 | 6.8 MEDIUM | N/A |
| Buffer overflow in CoreGraphics in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JBIG2 data in a PDF document. | |||||
| CVE-2013-2791 | 1 Matrikonopc | 1 Scada Dnp3 Opc Server | 2013-09-26 | 7.1 HIGH | N/A |
| MatrikonOPC SCADA DNP3 OPC Server 1.2.0 allows remote attackers to cause a denial of service (master-station daemon crash) via a malformed DNP3 TCP packet from the IP address of an outstation. | |||||
| CVE-2013-5933 | 2 Google, Motorola | 2 Android, Defy Xt | 2013-09-25 | 6.9 MEDIUM | N/A |
| Stack-based buffer overflow in the sub_E110 function in init in a certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless allows local users to gain privileges or cause a denial of service (memory corruption) by writing a long string to the /dev/socket/init_runit socket that is inconsistent with a certain length value that was previously written to this socket. | |||||
| CVE-2013-2793 | 1 Trianglemicroworks | 3 .net Communication Protocol Components, Ansi C Source Code Libraries, Scada Data Gateway | 2013-09-25 | 7.8 HIGH | N/A |
| Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet. | |||||
| CVE-2012-2624 | 1 Cgi | 1 Hotscan | 2013-09-24 | 4.3 MEDIUM | N/A |
| Stack-based buffer overflow in Logica HotScan allows remote attackers to cause a denial of service (crash) via a crafted packet. | |||||
| CVE-2013-2891 | 1 Linux | 1 Linux Kernel | 2013-09-18 | 4.7 MEDIUM | N/A |
| drivers/hid/hid-steelseries.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_STEELSERIES is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. | |||||
| CVE-2013-2890 | 1 Linux | 1 Linux Kernel | 2013-09-18 | 4.7 MEDIUM | N/A |
| drivers/hid/hid-sony.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SONY is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. | |||||
| CVE-2013-4298 | 1 Imagemagick | 1 Imagemagick | 2013-09-18 | 4.3 MEDIUM | N/A |
| The ReadGIFImage function in coders/gif.c in ImageMagick before 6.7.8-8 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted comment in a GIF image. | |||||
| CVE-2013-3657 | 1 Vmware | 2 Esx, Esxi | 2013-09-13 | 7.5 HIGH | N/A |
| Buffer overflow in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors. | |||||
| CVE-2013-3360 | 1 Adobe | 1 Shockwave Player | 2013-09-12 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3359. | |||||
| CVE-2013-3359 | 1 Adobe | 1 Shockwave Player | 2013-09-12 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3360. | |||||
| CVE-2013-4973 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2013-09-12 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted .rmp file. | |||||
| CVE-2013-4974 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2013-09-12 | 9.3 HIGH | N/A |
| RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed RealMedia file. | |||||
| CVE-2013-5641 | 1 Digium | 2 Asterisk, Certified Asterisk | 2013-09-12 | 5.0 MEDIUM | N/A |
| The SIP channel driver (channels/chan_sip.c) in Asterisk Open Source 1.8.17.x through 1.8.22.x, 1.8.23.x before 1.8.23.1, and 11.x before 11.5.1 and Certified Asterisk 1.8.15 before 1.8.15-cert3 and 11.2 before 11.2-cert2 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and daemon crash) via an ACK with SDP to a previously terminated channel. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2013-3934 | 1 Kingsoft | 2 Office 2012, Writer 2012 | 2013-09-10 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Kingsoft Writer 2012 8.1.0.3030, as used in Kingsoft Office 2013 before 9.1.0.4256, allows remote attackers to execute arbitrary code via a long font name in a WPS file. | |||||
| CVE-2011-1761 | 1 Konstanty Bialkowski | 1 Libmodplug | 2013-09-10 | 6.8 MEDIUM | N/A |
| Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in src/load_abc.cpp in libmodplug before 0.8.8.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ABC file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2013-1119 | 1 Cisco | 1 Webex Recording Format Player | 2013-09-06 | 9.3 HIGH | N/A |
| Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DHT index value in JPEG data within a WRF file, aka Bug ID CSCuc24503. | |||||
| CVE-2013-1118 | 1 Cisco | 1 Webex Recording Format Player | 2013-09-06 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCuc27645. | |||||
| CVE-2013-1117 | 1 Cisco | 1 Webex Recording Format Player | 2013-09-06 | 9.3 HIGH | N/A |
| Buffer overflow in the exception handler in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCuc27639. | |||||
| CVE-2013-1116 | 1 Cisco | 1 Webex Advanced Recording Format Player | 2013-09-06 | 9.3 HIGH | N/A |
| Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted ARF file, aka Bug IDs CSCue74147 and CSCub28383. | |||||
| CVE-2013-1115 | 1 Cisco | 1 Webex Advanced Recording Format Player | 2013-09-06 | 9.3 HIGH | N/A |
| Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ARF file, aka Bug IDs CSCue74118, CSCub28371, CSCud23401, and CSCud31109. | |||||
| CVE-2011-1848 | 1 Hp | 1 Intelligent Management Center | 2013-08-28 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in img.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a crafted length field in a packet. | |||||
| CVE-2010-5289 | 1 Incredimail | 1 Incredimail | 2013-08-27 | 7.5 HIGH | N/A |
| Buffer overflow in the Authenticate method in the INCREDISPOOLERLib.Pop ActiveX control in ImSpoolU.dll in IncrediMail 2.0 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in the first argument. | |||||
| CVE-2013-5578 | 1 Staruml | 1 Staruml | 2013-08-26 | 9.3 HIGH | N/A |
| Buffer overflow in the ToDot method in the WINGRAPHVIZLib.NEATO ActiveX control in WinGraphviz.dll in StarUML allows remote attackers to execute arbitrary code via a long argument. | |||||
| CVE-2013-2801 | 1 Osisoft | 1 Pi Interface | 2013-08-23 | 5.0 MEDIUM | N/A |
| The OSIsoft PI Interface for IEEE C37.118 before 1.0.6.158 allows remote attackers to cause a denial of service (instance shutdown and data-collection outage) via crafted C37.118 configuration packets that trigger an invalid read operation. | |||||
| CVE-2013-4685 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2013-08-22 | 10.0 HIGH | N/A |
| Buffer overflow in flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7, 12.1 before 12.1R6, and 12.1X44 before 12.1X44-D15 on SRX devices, when Captive Portal is enabled with the UAC enforcer role, allows remote attackers to execute arbitrary code via crafted HTTP requests, aka PR 849100. | |||||
| CVE-2013-4575 | 1 Symantec | 1 Backup Exec | 2013-08-22 | 7.9 HIGH | N/A |
| Heap-based buffer overflow in the utility program in the Linux agent in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote attackers to cause a denial of service (agent crash) or possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2013-3345 | 5 Adobe, Apple, Google and 2 more | 5 Flash Player, Mac Os X, Android and 2 more | 2013-08-22 | 10.0 HIGH | N/A |
| Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2013-1772 | 1 Linux | 1 Linux Kernel | 2013-08-22 | 4.0 MEDIUM | N/A |
| The log_prefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service (buffer overflow and system crash) by leveraging /dev/kmsg write access and triggering a call_console_drivers function call. | |||||
| CVE-2013-0131 | 1 Nvidia | 1 Gpu Driver | 2013-08-22 | 7.1 HIGH | N/A |
| Buffer overflow in the NVIDIA GPU driver before 304.88, 310.x before 310.44, and 313.x before 313.30 for the X Window System on UNIX, when NoScanout mode is enabled, allows remote authenticated users to execute arbitrary code via a large ARGB cursor. | |||||
| CVE-2012-3518 | 1 Tor | 1 Tor | 2013-08-22 | 5.0 MEDIUM | N/A |
| The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document. | |||||
| CVE-2013-3410 | 1 Cisco | 2 Intrusion Prevention System, Ips Nme | 2013-08-20 | 7.8 HIGH | N/A |
| Cisco Intrusion Prevention System (IPS) Software on IPS NME devices before 7.0(9)E4 allows remote attackers to cause a denial of service (device reload) via malformed IPv4 packets that trigger incorrect memory allocation, aka Bug ID CSCua61977. | |||||
| CVE-2013-3348 | 1 Adobe | 1 Shockwave Player | 2013-08-20 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 12.0.3.133 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2010-4557 | 1 Invensys | 2 Foxboro I\/a Series Batch, Wonderware Inbatch | 2013-08-19 | 10.0 HIGH | N/A |
| Buffer overflow in the lm_tcp service in Invensys Wonderware InBatch 8.1 and 9.0, as used in Invensys Foxboro I/A Series Batch 8.1 and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted request to port 9001. | |||||
| CVE-2008-3544 | 1 Hp | 1 Openview Network Node Manager | 2013-08-19 | 9.0 HIGH | N/A |
| Multiple stack-based buffer overflows in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, and possibly 7.01, 7.50, and 7.53, allow remote attackers to execute arbitrary code via a long (1) REQUEST_SEV_CHANGE (aka number 47), (2) REQUEST_SAVE_STATE (aka number 61), or (3) REQUEST_RESTORE_STATE (aka number 62) request to TCP port 2954. | |||||
| CVE-2013-2127 | 1 Libraw | 1 Libraw | 2013-08-14 | 7.5 HIGH | N/A |
| Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2013-1377 | 1 Adobe | 1 Digital Editions | 2013-07-31 | 10.0 HIGH | N/A |
| Adobe Digital Editions 2.x before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||