Search Results (15956 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-0245 1 Apple 1 Quicktime 2025-04-11 N/A
Buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pict file.
CVE-2011-0241 2 Apple, Microsoft 5 Imageio, Safari, Windows 7 and 2 more 2025-04-11 N/A
Heap-based buffer overflow in ImageIO in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with CCITT Group 4 encoding.
CVE-2012-3007 1 Invensys 5 Dasabcip, Daserver Runtime Components, Dassidirect and 2 more 2025-04-11 N/A
Stack-based buffer overflow in slssvc.exe before 58.x in Invensys Wonderware SuiteLink in the Invensys System Platform software suite, as used in InTouch/Wonderware Application Server IT before 10.5 and WAS before 3.5, DASABCIP before 4.1 SP2, DASSiDirect before 3.0, DAServer Runtime Components before 3.0 SP2, and other products, allows remote attackers to cause a denial of service (daemon crash or hang) via a long Unicode string.
CVE-2012-3017 1 Siemens 4 Simatic S7-400 Cpu 414-3 Pn\/dp, Simatic S7-400 Cpu 416-3 Pn\/dp, Simatic S7-400 Cpu 416f-3 Pn\/dp and 1 more 2025-04-11 N/A
Siemens SIMATIC S7-400 PN CPU devices with firmware 5.x allow remote attackers to cause a denial of service (defect-mode transition and service outage) via (1) malformed HTTP traffic or (2) malformed IP packets.
CVE-2012-3035 1 Emerson 1 Deltav 2025-04-11 N/A
Buffer overflow in Emerson DeltaV 9.3.1 and 10.3 through 11.3.1 allows remote attackers to cause a denial of service (daemon crash) via a long string to an unspecified port.
CVE-2011-0235 2 Apple, Microsoft 7 Mac Os X, Mac Os X Server, Safari and 4 more 2025-04-11 N/A
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
CVE-2011-0232 2 Apple, Microsoft 7 Mac Os X, Mac Os X Server, Safari and 4 more 2025-04-11 N/A
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
CVE-2012-4204 4 Canonical, Mozilla, Opensuse and 1 more 8 Ubuntu Linux, Firefox, Seamonkey and 5 more 2025-04-11 N/A
The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2011-0221 2 Apple, Microsoft 7 Mac Os X, Mac Os X Server, Safari and 4 more 2025-04-11 N/A
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
CVE-2011-0198 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-11 N/A
Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code via a crafted embedded TrueType font.
CVE-2012-5830 6 Apple, Canonical, Mozilla and 3 more 16 Mac Os X, Ubuntu Linux, Firefox and 13 more 2025-04-11 8.8 High
Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.
CVE-2010-5289 1 Incredimail 1 Incredimail 2025-04-11 N/A
Buffer overflow in the Authenticate method in the INCREDISPOOLERLib.Pop ActiveX control in ImSpoolU.dll in IncrediMail 2.0 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in the first argument.
CVE-2012-5240 1 Wireshark 1 Wireshark 2025-04-11 N/A
Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed packet.
CVE-2011-5001 1 Trend Micro 1 Control Manager 2025-04-11 N/A
Stack-based buffer overflow in the CGenericScheduler::AddTask function in cmdHandlerRedAlertController.dll in CmdProcessor.exe in Trend Micro Control Manager 5.5 before Build 1613 allows remote attackers to execute arbitrary code via a crafted IPC packet to TCP port 20101.
CVE-2012-3334 1 Ibm 1 Informix Dynamic Server 2025-04-11 N/A
Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 11.50 before 11.50.xC9W2 and 11.70 before 11.70.xC5 allows remote authenticated users to execute arbitrary code via crafted arguments in a SET COLLATION statement.
CVE-2012-3377 1 Videolan 1 Vlc Media Player 2025-04-11 N/A
Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted OGG file.
CVE-2012-5257 6 Adobe, Apple, Google and 3 more 9 Adobe Air, Adobe Air Sdk, Flash Player and 6 more 2025-04-11 N/A
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.
CVE-2012-0897 1 Irfanview 1 Irfanview 2025-04-11 N/A
Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.
CVE-2012-5264 6 Adobe, Apple, Google and 3 more 9 Adobe Air, Adobe Air Sdk, Flash Player and 6 more 2025-04-11 N/A
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.
CVE-2012-5265 6 Adobe, Apple, Google and 3 more 9 Adobe Air, Adobe Air Sdk, Flash Player and 6 more 2025-04-11 N/A
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.