Search Results (14765 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-0804 2 Cvs, Redhat 2 Cvs, Enterprise Linux 2025-04-11 N/A
Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.
CVE-2010-2570 1 Microsoft 1 Publisher 2025-04-11 N/A
Heap-based buffer overflow in pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3, 2003 SP3, 2007 SP2, and 2010 allows remote attackers to execute arbitrary code via a crafted Publisher file that uses an old file format, aka "Heap Overrun in pubconv.dll Vulnerability."
CVE-2013-0656 1 Siemens 2 Simatic Rf-manager, Simatic Rf-manager 2008 2025-04-11 N/A
Buffer overflow in a third-party ActiveX component in Siemens SIMATIC RF-MANAGER 2008, and RF-MANAGER Basic 3.0 and earlier, allows remote attackers to execute arbitrary code via a crafted web site.
CVE-2010-4538 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2025-04-11 N/A
Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression.
CVE-2010-2578 1 Realnetworks 2 Realplayer, Realplayer Sp 2025-04-11 N/A
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via a crafted QCP file.
CVE-2010-2582 1 Adobe 1 Shockwave Player 2025-04-11 N/A
An unspecified function in TextXtra.x32 in Adobe Shockwave Player before 11.5.9.615 does not properly reallocate a buffer when processing a DEMX chunk in a Director file, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code.
CVE-2012-3678 1 Apple 1 Safari 2025-04-11 N/A
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
CVE-2010-3121 1 Devonit 1 Thin-client Management Tool 2025-04-11 N/A
Buffer overflow in tm-console-bin in the DevonIT thin-client management tool might allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2012-2833 1 Google 1 Chrome 2025-04-11 N/A
Buffer overflow in the JS API in the PDF functionality in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2013-1320 1 Microsoft 1 Publisher 2025-04-11 N/A
Buffer overflow in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Buffer Overflow Vulnerability."
CVE-2013-6029 1 Att 1 Connect Participant Application 2025-04-11 N/A
Stack-based buffer overflow in the AT&T Connect Participant Application before 9.5.51 on Windows allows remote attackers to execute arbitrary code via a malformed .SVT file.
CVE-2011-3992 1 Dlink 6 Des-3800, Des-3800 Firmware, Dwl-2100ap and 3 more 2025-04-11 N/A
Buffer overflow in the SSH server functionality on the D-Link DES-3800 with firmware before 4.50B052, DWL-2100AP with firmware before 2.50RC548, and DWL-3200AP with firmware before 2.55RC549 allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors.
CVE-2010-0741 4 Kvm Qumranet, Linux, Qemu and 1 more 5 Kvm, Linux Kernel, Qemu and 2 more 2025-04-11 N/A
The virtio_net_bad_features function in hw/virtio-net.c in the virtio-net driver in the Linux kernel before 2.6.26, when used on a guest OS in conjunction with qemu-kvm 0.11.0 or KVM 83, allows remote attackers to cause a denial of service (guest OS crash, and an associated qemu-kvm process exit) by sending a large amount of network traffic to a TCP port on the guest OS, related to a virtio-net whitelist that includes an improper implementation of TCP Segment Offloading (TSO).
CVE-2013-0107 1 Foxitsoftware 1 Foxit Advanced Pdf Editor 2025-04-11 N/A
Stack-based buffer overflow in Foxit Advanced PDF Editor 3 before 3.04 might allow remote attackers to execute arbitrary code via a crafted document containing instructions that reconstruct a certain security cookie.
CVE-2011-1087 1 Videolan 1 Vlc Media Player 2025-04-11 N/A
Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .mp3 file that is played during bookmark creation.
CVE-2014-0260 1 Microsoft 6 Office Compatibility Pack, Office Web Apps, Office Web Apps Server and 3 more 2025-04-11 N/A
Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office Compatibility Pack SP3; Word Viewer; SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2013-0109 1 Nvidia 1 Display Driver 2025-04-11 N/A
The NVIDIA driver before 307.78, and Release 310 before 311.00, in the NVIDIA Display Driver service on Windows does not properly handle exceptions, which allows local users to gain privileges or cause a denial of service (memory overwrite) via a crafted application.
CVE-2012-6570 1 Huawei 18 Ar 18-1x, Ar 18-2x, Ar 18-3x and 15 more 2025-04-11 N/A
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response.
CVE-2012-5252 6 Adobe, Apple, Google and 3 more 9 Adobe Air, Adobe Air Sdk, Flash Player and 6 more 2025-04-11 N/A
Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22.
CVE-2012-3794 1 Pro-face 2 Pro-server Ex, Wingp Pc Runtime 2025-04-11 N/A
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (unhandled exception and daemon crash) via a crafted packet with a certain opcode that triggers an invalid attempt to allocate a large amount of memory.