Search Results (15961 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-4552 1 Steve J Baker 1 Plib 2025-04-11 N/A
Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file.
CVE-2012-4513 2 Kde, Redhat 2 Kde, Enterprise Linux 2025-04-11 N/A
khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.
CVE-2012-0815 2 Redhat, Rpm 5 Enterprise Linux, Rhel Els, Rhel Eus and 2 more 2025-04-11 N/A
The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly handled in a numeric range comparison.
CVE-2012-0807 1 Hardened-php 1 Suhosin 2025-04-11 N/A
Stack-based buffer overflow in the suhosin_encrypt_single_cookie function in the transparent cookie-encryption feature in the Suhosin extension before 0.9.33 for PHP, when suhosin.cookie.encrypt and suhosin.multiheader are enabled, might allow remote attackers to execute arbitrary code via a long string that is used in a Set-Cookie HTTP header.
CVE-2012-0804 2 Cvs, Redhat 2 Cvs, Enterprise Linux 2025-04-11 N/A
Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.
CVE-2012-4353 1 Sielcosistemi 2 Winlog Lite, Winlog Pro 2025-04-11 N/A
Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open attempt by the _TCPIPS_BinOpenFileFP function, a different vulnerability than CVE-2012-3815. NOTE: some of these details are obtained from third party information.
CVE-2012-0802 1 Spamdyke 1 Spamdyke 2025-04-11 N/A
Multiple buffer overflows in Spamdyke before 4.3.0 might allow remote attackers to execute arbitrary code via vectors related to "serious errors in the usage of snprintf()/vsnprintf()" in which the return values may be larger than the size of the buffer.
CVE-2012-0757 1 Adobe 1 Shockwave Player 2025-04-11 N/A
The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, CVE-2012-0764, and CVE-2012-0766.
CVE-2012-4295 2 Sun, Wireshark 2 Sunos, Wireshark 2025-04-11 N/A
Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial of service (application crash) via a crafted speed (aka rate) value.
CVE-2013-1019 2 Apple, Microsoft 5 Iphone Os, Quicktime, Windows 7 and 2 more 2025-04-11 N/A
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.
CVE-2012-4294 2 Sun, Wireshark 2 Sunos, Wireshark 2025-04-11 N/A
Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a large speed (aka rate) value.
CVE-2013-3026 1 Ibm 1 Lotus Quickr For Domino 2025-04-11 N/A
Buffer overflow in the Lotus Quickr for Domino ActiveX control in qp2.cab in IBM Lotus Quickr 8.1 before FP 8.1.0.32-001a, 8.2 before FP 8.2.0.28-001a, and 8.5.1 before FP 8.5.1.39-002a for Domino allows remote attackers to execute arbitrary code via a crafted web site.
CVE-2012-0725 6 Adobe, Apple, Google and 3 more 8 Air, Flash Player, Macos and 5 more 2025-04-11 N/A
Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0724.
CVE-2013-4079 2 Opensuse, Wireshark 2 Opensuse, Wireshark 2025-04-11 N/A
The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet.
CVE-2012-0724 6 Adobe, Apple, Google and 3 more 8 Air, Flash Player, Macos and 5 more 2025-04-11 N/A
Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0725.
CVE-2010-4192 1 Adobe 1 Shockwave Player 2025-04-11 N/A
Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted 3D Assets 0xFFFFFF88 type record that triggers an incorrect memory allocation, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, and CVE-2010-4306.
CVE-2010-4190 1 Adobe 1 Shockwave Player 2025-04-11 N/A
Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted CSWV RIFF chunk that causes an incorrect calculation of an offset for a substructure, which causes an out-of-bounds "seek" of heap memory, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.
CVE-2012-0638 1 Apple 2 Itunes, Webkit 2025-04-11 N/A
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.
CVE-2012-0637 1 Apple 3 Itunes, Safari, Webkit 2025-04-11 N/A
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.
CVE-2010-4187 1 Adobe 1 Shockwave Player 2025-04-11 N/A
Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed chunk in a Director file, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.