Total
11925 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3345 | 5 Adobe, Apple, Google and 2 more | 5 Flash Player, Mac Os X, Android and 2 more | 2013-08-22 | 10.0 HIGH | N/A |
| Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2013-1772 | 1 Linux | 1 Linux Kernel | 2013-08-22 | 4.0 MEDIUM | N/A |
| The log_prefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service (buffer overflow and system crash) by leveraging /dev/kmsg write access and triggering a call_console_drivers function call. | |||||
| CVE-2013-0131 | 1 Nvidia | 1 Gpu Driver | 2013-08-22 | 7.1 HIGH | N/A |
| Buffer overflow in the NVIDIA GPU driver before 304.88, 310.x before 310.44, and 313.x before 313.30 for the X Window System on UNIX, when NoScanout mode is enabled, allows remote authenticated users to execute arbitrary code via a large ARGB cursor. | |||||
| CVE-2012-3518 | 1 Tor | 1 Tor | 2013-08-22 | 5.0 MEDIUM | N/A |
| The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document. | |||||
| CVE-2013-3410 | 1 Cisco | 2 Intrusion Prevention System, Ips Nme | 2013-08-20 | 7.8 HIGH | N/A |
| Cisco Intrusion Prevention System (IPS) Software on IPS NME devices before 7.0(9)E4 allows remote attackers to cause a denial of service (device reload) via malformed IPv4 packets that trigger incorrect memory allocation, aka Bug ID CSCua61977. | |||||
| CVE-2013-3348 | 1 Adobe | 1 Shockwave Player | 2013-08-20 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 12.0.3.133 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2010-4557 | 1 Invensys | 2 Foxboro I\/a Series Batch, Wonderware Inbatch | 2013-08-19 | 10.0 HIGH | N/A |
| Buffer overflow in the lm_tcp service in Invensys Wonderware InBatch 8.1 and 9.0, as used in Invensys Foxboro I/A Series Batch 8.1 and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted request to port 9001. | |||||
| CVE-2008-3544 | 1 Hp | 1 Openview Network Node Manager | 2013-08-19 | 9.0 HIGH | N/A |
| Multiple stack-based buffer overflows in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, and possibly 7.01, 7.50, and 7.53, allow remote attackers to execute arbitrary code via a long (1) REQUEST_SEV_CHANGE (aka number 47), (2) REQUEST_SAVE_STATE (aka number 61), or (3) REQUEST_RESTORE_STATE (aka number 62) request to TCP port 2954. | |||||
| CVE-2013-2127 | 1 Libraw | 1 Libraw | 2013-08-14 | 7.5 HIGH | N/A |
| Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2013-2785 | 1 Ge | 2 Intelligent Platforms Proficy Hmi\/scada Cimplicity, Intelligent Platforms Proficy Process Systems With Cimplicity | 2013-07-31 | 9.3 HIGH | N/A |
| Multiple buffer overflows in CimWebServer.exe in the WebView component in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.0 SIM 27, 8.1 before SIM 25, and 8.2 before SIM 19, and Proficy Process Systems with CIMPLICITY, allow remote attackers to execute arbitrary code via crafted data in packets to TCP port 10212, aka ZDI-CAN-1621 and ZDI-CAN-1624. | |||||
| CVE-2013-2220 | 2 Php, Radius Extension Project | 2 Php, Radius | 2013-07-31 | 7.5 HIGH | N/A |
| Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value. | |||||
| CVE-2013-1377 | 1 Adobe | 1 Digital Editions | 2013-07-31 | 10.0 HIGH | N/A |
| Adobe Digital Editions 2.x before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2013-0723 | 1 Kingsoft | 1 Spreadsheets 2012 | 2013-07-30 | 9.3 HIGH | N/A |
| Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsheets 2012 8.1.0.3030 allow remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a crafted spreadsheet file. | |||||
| CVE-2013-3300 | 1 Liftweb | 1 Lift | 2013-07-29 | 4.0 MEDIUM | N/A |
| The JsonParser class in json/JsonParser.scala in Lift before 2.5 interprets a certain end-index value as a length value, which allows remote authenticated users to obtain sensitive information from other users' sessions via invalid input data containing a < (less than) character. | |||||
| CVE-2012-6349 | 2 Autonomy, Ibm | 2 Keyview Idol, Lotus Notes | 2013-07-29 | 9.3 HIGH | N/A |
| Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allows remote attackers to execute arbitrary code via a crafted file, aka SPR KLYH92XL3W. | |||||
| CVE-2013-3399 | 1 Cisco | 1 Desktop Collaboration Experience | 2013-07-23 | 6.6 MEDIUM | N/A |
| Buffer overflow in an unspecified Android API on the Cisco Desktop Collaboration Experience DX650 allows attackers to execute arbitrary code via vectors that leverage incorrect memory allocation, aka Bug IDs CSCuf93957, CSCug22352, and CSCug22462. | |||||
| CVE-2013-1218 | 1 Cisco | 9 Asa 5500-x Series Ips Ssp Software, Asa 5585-x, Idsm-2 and 6 more | 2013-07-18 | 7.8 HIGH | N/A |
| Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software modules before 7.1(7)sp1E4 allows remote attackers to cause a denial of service (Analysis Engine process hang or device reload) via fragmented (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCue51272. | |||||
| CVE-2011-1852 | 1 Hp | 1 Intelligent Management Center | 2013-07-17 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allow remote attackers to execute arbitrary code via crafted packet content accompanying a (1) DATA or (2) ERROR opcode. | |||||
| CVE-2013-2688 | 1 Blackberry | 2 Qnx Neutrino Rtos, Qnx Software Development Platform | 2013-07-15 | 5.4 MEDIUM | N/A |
| Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868 that leverage improper handling of the /dev/photon device file. | |||||
| CVE-2013-2687 | 1 Blackberry | 3 Qnx Momentics Tool Suite, Qnx Neutrino Rtos, Qnx Software Development Platform | 2013-07-15 | 7.8 HIGH | N/A |
| Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868. | |||||