Search Results (14738 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-3209 1 Microsoft 1 Internet Explorer 2025-04-11 N/A
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3206, and CVE-2013-3207.
CVE-2009-4901 2 Muscle, Redhat 3 Pcsc-lite, Certificate System, Enterprise Linux 2025-04-11 N/A
The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 might allow local users to cause a denial of service (daemon crash) via crafted SCARD_SET_ATTRIB message data, which is improperly demarshalled and triggers a buffer over-read, a related issue to CVE-2010-0407.
CVE-2013-4416 1 Xen 1 Xen 2025-04-11 N/A
The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply.
CVE-2013-3300 1 Liftweb 1 Lift 2025-04-11 N/A
The JsonParser class in json/JsonParser.scala in Lift before 2.5 interprets a certain end-index value as a length value, which allows remote authenticated users to obtain sensitive information from other users' sessions via invalid input data containing a < (less than) character.
CVE-2012-6326 1 Vmware 2 Vcenter Server, Vcenter Server Appliance 2025-04-11 N/A
VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and vCSA 5.0 before Update 2, allows remote attackers to cause a denial of service (disk consumption) via vectors that trigger large log entries.
CVE-2010-0107 1 Symantec 4 Client Security, Norton 360, Norton Antivirus and 1 more 2025-04-11 N/A
Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. NOTE: this is only a vulnerability if the attacker can "masquerade as an authorized site."
CVE-2013-3327 8 Adobe, Apple, Google and 5 more 15 Adobe Air, Adobe Air Sdk, Flash Player and 12 more 2025-04-11 N/A
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.
CVE-2010-2770 2 Apple, Mozilla 4 Mac Os X, Firefox, Seamonkey and 1 more 2025-04-11 N/A
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 on Mac OS X allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted font in a data: URL.
CVE-2013-4575 1 Symantec 1 Backup Exec 2025-04-11 N/A
Heap-based buffer overflow in the utility program in the Linux agent in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote attackers to cause a denial of service (agent crash) or possibly execute arbitrary code via unspecified vectors.
CVE-2012-6468 1 Opera 1 Opera Browser 2025-04-11 N/A
Heap-based buffer overflow in Opera before 12.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long HTTP response.
CVE-2012-6568 1 Huawei 1 Utps 2025-04-11 N/A
Buffer overflow in the back-end component in Huawei UTPS 1.0 allows local users to gain privileges via a long IDS_PLUGIN_NAME string in a plug-in configuration file.
CVE-2013-7184 1 Gomlab 1 Gom Player 2025-04-11 N/A
Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted AVI file.
CVE-2012-6569 1 Huawei 18 Ar 18-1x, Ar 18-2x, Ar 18-3x and 15 more 2025-04-11 N/A
Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI.
CVE-2012-6570 1 Huawei 18 Ar 18-1x, Ar 18-2x, Ar 18-3x and 15 more 2025-04-11 N/A
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response.
CVE-2013-4588 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2025-04-11 7.0 High
Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt system call, related to the do_ip_vs_set_ctl function.
CVE-2013-4591 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Rhel Eus 2025-04-11 N/A
Buffer overflow in the __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via a getxattr system call for the system.nfs4_acl extended attribute of a pathname on an NFSv4 filesystem.
CVE-2010-0364 1 Videolan 1 Vlc Media Player 2025-04-11 N/A
Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows user-assisted remote attackers to execute arbitrary code via an ogg file with a crafted Advanced SubStation Alpha Subtitle (.ass) file, probably involving the Dialogue field.
CVE-2013-3334 8 Adobe, Apple, Google and 5 more 15 Adobe Air, Adobe Air Sdk, Flash Player and 12 more 2025-04-11 N/A
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, and CVE-2013-3335.
CVE-2010-0391 1 Embarcadero 1 Interbase Smp 2009 2025-04-11 N/A
Multiple stack-based buffer overflows in Embarcadero Technologies InterBase SMP 2009 9.0.3.437 allow remote attackers to execute arbitrary code via unknown vectors involving crafted packets. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2013-4630 1 Huawei 5 Ar 1200, Ar 150, Ar 200 and 2 more 2025-04-11 N/A
Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.