Total
1224 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3347 | 5 Adobe, Apple, Google and 2 more | 5 Flash Player, Mac Os X, Android and 2 more | 2013-08-22 | 10.0 HIGH | N/A |
| Integer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code via PCM data that is not properly handled during resampling. | |||||
| CVE-2013-3697 | 2 Microsoft, Novell | 7 Windows 2003 Server, Windows 7, Windows 8 and 4 more | 2013-07-31 | 7.2 HIGH | N/A |
| Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003 and the NCPL.SYS kernel driver in Novell Client 2 SP2 on Windows Vista and Windows Server 2008 and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 might allow local users to gain privileges via a crafted 0x1439EB IOCTL call. | |||||
| CVE-2013-1982 | 1 X | 1 Libxext | 2013-06-21 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in X.org libXext 1.3.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XcupGetReservedColormapEntries, (2) XcupStoreColors, (3) XdbeGetVisualInfo, (4) XeviGetVisualInfo, (5) XShapeGetRectangles, and (6) XSyncListSystemCounters functions. | |||||
| CVE-2012-4706 | 1 3s-software | 1 Codesys Gateway-server | 2013-05-21 | 7.8 HIGH | N/A |
| Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer overflow. | |||||
| CVE-2013-0306 | 2 Canonical, Djangoproject | 2 Ubuntu Linux, Django | 2013-05-15 | 5.0 MEDIUM | N/A |
| The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 allows remote attackers to bypass intended resource limits for formsets and cause a denial of service (memory consumption) or trigger server errors via a modified max_num parameter. | |||||
| CVE-2010-2065 | 1 Libtiff | 1 Libtiff | 2013-05-15 | 6.8 MEDIUM | N/A |
| Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow. | |||||
| CVE-2010-1411 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2013-05-15 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow. | |||||
| CVE-2012-4714 | 1 Rockwellautomation | 1 Factorytalk Services Platform | 2013-04-18 | 7.8 HIGH | N/A |
| Integer overflow in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage or RNADiagReceiver.exe daemon crash) via UDP data that specifies a large integer value. | |||||
| CVE-2012-4713 | 1 Rockwellautomation | 1 Factorytalk Services Platform | 2013-04-18 | 7.8 HIGH | N/A |
| Integer signedness error in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage or RNADiagReceiver.exe daemon crash) via UDP data that specifies a negative integer value. | |||||
| CVE-2012-0271 | 1 Novell | 1 Groupwise | 2013-04-02 | 10.0 HIGH | N/A |
| Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow, as demonstrated by a request with -1 in the Content-Length HTTP header. | |||||
| CVE-2012-4458 | 1 Apache | 1 Qpid | 2013-03-19 | 5.0 MEDIUM | N/A |
| The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (memory consumption and server crash) via a large number of zero width elements in the client-properties map in a connection.start-ok message. | |||||
| CVE-2012-4459 | 1 Apache | 1 Qpid | 2013-03-19 | 5.0 MEDIUM | N/A |
| Integer overflow in the qpid::framing::Buffer::checkAvailable function in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (crash) via a crafted message, which triggers an out-of-bounds read. | |||||
| CVE-2013-0312 | 1 Fedoraproject | 1 389 Directory Server | 2013-03-19 | 5.0 MEDIUM | N/A |
| 389 Directory Server before 1.3.0.4 allows remote attackers to cause a denial of service (crash) via a zero length LDAP control sequence. | |||||
| CVE-2012-4351 | 1 Symantec | 2 Encryption Desktop, Pgp Desktop | 2013-02-18 | 6.9 MEDIUM | N/A |
| Integer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 allows local users to gain privileges via a crafted application. | |||||
| CVE-2012-0417 | 1 Novell | 1 Groupwise | 2013-02-14 | 10.0 HIGH | N/A |
| Integer overflow in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2010-1766 | 2 Digia, Webkit | 2 Qt, Webkit | 2013-02-07 | 7.5 HIGH | N/A |
| Off-by-one error in the WebSocketHandshake::readServerHandshake function in websockets/WebSocketHandshake.cpp in WebCore in WebKit before r56380, as used in Qt and other products, allows remote websockets servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an upgrade header that is long and invalid. | |||||
| CVE-2011-0216 | 2 Apple, Microsoft | 4 Safari, Windows 7, Windows Vista and 1 more | 2013-02-07 | 9.3 HIGH | N/A |
| Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site. | |||||
| CVE-2010-1525 | 1 Autonomy | 3 Keyview Export Sdk, Keyview Filter Sdk, Keyview Viewer Sdk | 2013-02-07 | 9.3 HIGH | N/A |
| Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted size for an unspecified record type, which triggers a heap-based buffer overflow. | |||||
| CVE-2010-0134 | 1 Autonomy | 3 Keyview Export Sdk, Keyview Filter Sdk, Keyview Viewer Sdk | 2013-02-07 | 9.3 HIGH | N/A |
| Integer signedness error in rtfsr.dll in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via a crafted \ls keyword in a list override table entry in an RTF file, which triggers a buffer overflow. | |||||
| CVE-2009-3032 | 2 Ibm, Symantec | 6 Lotus Notes, Brightmail Gateway, Data Loss Prevention Detection Servers and 3 more | 2013-02-07 | 10.0 HIGH | N/A |
| Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow. | |||||