Total
14486 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-0595 | 1 Apple | 2 Iphone Os, Itunes | 2025-04-11 | N/A |
| WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | ||||
| CVE-2013-6627 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not properly process HTTP Informational (aka 1xx) status codes, which allows remote web servers to cause a denial of service (out-of-bounds read) via a crafted response. | ||||
| CVE-2011-3322 | 1 Scadatec | 1 Procyon Scada | 2025-04-11 | N/A |
| Core Server HMI Service (Coreservice.exe) in Scadatec Limited Procyon SCADA 1.06, and other versions before 1.14, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password to the Telnet (TCP/23) port, which triggers an out-of-bounds read or write, leading to a stack-based buffer overflow. | ||||
| CVE-2012-0162 | 1 Microsoft | 1 .net Framework | 2025-04-11 | N/A |
| Microsoft .NET Framework 4 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka ".NET Framework Buffer Allocation Vulnerability." | ||||
| CVE-2013-6639 | 2 Google, Redhat | 5 Chrome, V8, Rhel Software Collections and 2 more | 2025-04-11 | N/A |
| The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via JavaScript code that sets the value of an array element with a crafted index. | ||||
| CVE-2011-3268 | 1 Php | 1 Php | 2025-04-11 | N/A |
| Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483. | ||||
| CVE-2013-6693 | 1 Cisco | 2 7600 Router, Ios | 2025-04-11 | N/A |
| The MLDP implementation in Cisco IOS 15.3(3)S and earlier on 7600 routers, when many VRFs are configured, allows remote attackers to cause a denial of service (chunk corruption and device reload) by establishing many multicast flows, aka Bug ID CSCue22345. | ||||
| CVE-2011-3233 | 1 Apple | 2 Itunes, Webkit | 2025-04-11 | N/A |
| WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | ||||
| CVE-2011-5167 | 2 Oracle, Tidestone | 2 Hyperion Strategic Finance, Formula One Activex Control | 2025-04-11 | N/A |
| Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control (TTF16.ocx) 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code via a long string to the DriverName parameter. | ||||
| CVE-2013-6817 | 1 Sap | 1 Network Interface Router | 2025-04-11 | N/A |
| Heap-based buffer overflow in SAP Network Interface Router (SAProuter) 7.30 allows remote attackers to cause a denial of service and execute arbitrary code via crafted NI Route messages. | ||||
| CVE-2011-5164 | 1 Vandyke | 1 Absoluteftp | 2025-04-11 | N/A |
| Stack-based buffer overflow in VanDyke Software AbsoluteFTP 1.9.6 through 2.2.10 allows remote FTP servers to execute arbitrary code via a crafted file name in a LIST command response. | ||||
| CVE-2011-4536 | 1 Wellintech | 1 Kingview | 2025-04-11 | N/A |
| Heap-based buffer overflow in nettransdll.dll in HistorySvr.exe (aka HistoryServer.exe) in WellinTech KingView 6.53 and 65.30.2010.18018 allows remote attackers to execute arbitrary code via a crafted op-code 3 packet. | ||||
| CVE-2013-6933 | 1 Live555 | 1 Streaming Media | 2025-04-11 | N/A |
| The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2011.08.13 through 2013.11.25, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) space or (2) tab character at the beginning of an RTSP message, which triggers an integer underflow, infinite loop, and buffer overflow. | ||||
| CVE-2013-7009 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Apple RPZA data. | ||||
| CVE-2013-7020 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2025-04-11 | N/A |
| The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not properly enforce certain bit-count and colorspace constraints, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted FFV1 data. | ||||
| CVE-2013-7039 | 1 Gnu | 1 Libmicrohttpd | 2025-04-11 | N/A |
| Stack-based buffer overflow in the MHD_digest_auth_check function in libmicrohttpd before 0.9.32, when MHD_OPTION_CONNECTION_MEMORY_LIMIT is set to a large value, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long URI in an authentication header. | ||||
| CVE-2013-7049 | 1 Znc | 1 Znc-msvc | 2025-04-11 | N/A |
| Stack-based buffer overflow in fish.cpp in the Fish plugin for ZNC, as used in ZNC for Windows (znc-msvc) 0.206 and earlier, allows remote attackers to cause a denial of service (crash) via a long string in a DH1080_INIT message. | ||||
| CVE-2013-7105 | 1 Fujitsu | 2 Interstage Application Server, Interstage Studio | 2025-04-11 | N/A |
| Buffer overflow in the Interstage HTTP Server log functionality, as used in Fujitsu Interstage Application Server 9.0.0, 9.1.0, 9.2.0, 9.3.1, and 10.0.0; and Interstage Studio 9.0.0, 9.1.0, 9.2.0, and 10.0.0, has unspecified impact and attack vectors related to "ihsrlog/rotatelogs." | ||||
| CVE-2011-5163 | 2 Mitsubishi-automation, Schneider-electric | 2 Mx4 Scada, Citectscada | 2025-04-11 | N/A |
| Buffer overflow in an unspecified third-party component in the Batch module for Schneider Electric CitectSCADA before 7.20 and Mitsubishi MX4 SCADA before 7.20 allows local users to execute arbitrary code via a long string in a login sequence. | ||||
| CVE-2013-7205 | 1 Nagios | 1 Nagios | 2025-04-11 | N/A |
| Off-by-one error in the process_cgivars function in contrib/daemonchk.c in Nagios Core 3.5.1, 4.0.2, and earlier allows remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key value in the variable list, which triggers a heap-based buffer over-read. | ||||