Search Results (2714 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-1962 2 Mozilla, Redhat 5 Firefox, Seamonkey, Thunderbird and 2 more 2025-04-11 N/A
Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving strings with multiple dependencies.
CVE-2010-1806 1 Apple 1 Safari 2025-04-11 N/A
Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via run-in styling in an element, related to object pointers.
CVE-2013-4469 1 Openstack 3 Folsom, Grizzly, Havana 2025-04-11 N/A
OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual size that does not contain a large amount of data from Glance. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.
CVE-2013-0152 1 Xen 1 Xen 2025-04-11 N/A
Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a denial of service (host memory consumption) by performing nested virtualization in a way that triggers errors that are not properly handled.
CVE-2010-4374 1 Nullsoft 1 Winamp 2025-04-11 N/A
The in_mkv plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via a Matroska Video (MKV) file containing a string with a crafted length.
CVE-2012-4432 1 Optipng 1 Optipng 2025-04-11 N/A
Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x before 0.7.3 might allow remote attackers to execute arbitrary code via unspecified vectors related to "palette reduction."
CVE-2012-4629 1 Cisco 3 Adaptive Security Appliance, Asa Cx Context-aware Security, Prime Security Manager 2025-04-11 N/A
The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) before 9.0.2-103, allows remote attackers to cause a denial of service (disk consumption and application hang) via unspecified IPv4 packets that trigger log entries, aka Bug ID CSCub70603.
CVE-2012-4643 1 Cisco 11 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Catalyst 6500 and 8 more 2025-04-11 N/A
The DHCP server on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 before 7.2(5.8), 7.1 before 7.2(5.8), 7.2 before 7.2(5.8), 8.0 before 8.0(5.28), 8.1 before 8.1(2.56), 8.2 before 8.2(5.27), 8.3 before 8.3(2.31), 8.4 before 8.4(3.10), 8.5 before 8.5(1.9), and 8.6 before 8.6(1.5) does not properly allocate memory for DHCP packets, which allows remote attackers to cause a denial of service (device reload) via a series of crafted IPv4 packets, aka Bug ID CSCtw84068.
CVE-2012-4775 1 Microsoft 4 Internet Explorer, Windows 7, Windows Server 2008 and 1 more 2025-04-11 8.8 High
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability."
CVE-2010-4593 1 Ibm 1 Lotus Mobile Connect 2025-04-11 N/A
The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does not properly maintain a certain reference count, which allows remote authenticated users to cause a denial of service (IP address exhaustion) by making invalid attempts to establish sessions with the same VPN ID from multiple devices.
CVE-2013-3140 1 Microsoft 1 Internet Explorer 2025-04-11 N/A
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted CMarkup object, aka "Internet Explorer Use After Free Vulnerability."
CVE-2011-4528 1 Unbound 1 Unbound 2025-04-11 N/A
Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response.
CVE-2013-0176 1 Libssh 1 Libssh 2025-04-11 N/A
The publickey_from_privatekey function in libssh before 0.5.4, when no algorithm is matched during negotiations, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a "Client: Diffie-Hellman Key Exchange Init" packet.
CVE-2012-3847 1 Invensys 2 Intouch, Wonderware Application Server 2025-04-11 N/A
slssvc.exe in Invensys Wonderware SuiteLink in Invensys InTouch 2012 and Wonderware Application Server 2012 allows remote attackers to cause a denial of service (resource consumption) via a long Unicode string, a different vulnerability than CVE-2012-3007.
CVE-2013-2846 1 Google 1 Chrome 2025-04-11 N/A
Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2840.
CVE-2013-2842 2 Apple, Google 2 Iphone Os, Chrome 2025-04-11 N/A
Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of widgets.
CVE-2013-2839 1 Google 1 Chrome 2025-04-11 N/A
Google Chrome before 27.0.1453.93 does not properly perform a cast of an unspecified variable during handling of clipboard data, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2013-2837 1 Google 1 Chrome 2025-04-11 N/A
Use-after-free vulnerability in the SVG implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2012-0352 1 Cisco 12 Nexus 1000v, Nexus 5000, Nexus 5010 and 9 more 2025-04-11 N/A
Cisco NX-OS 4.2.x before 4.2(1)SV1(5.1) on Nexus 1000v series switches; 4.x and 5.0.x before 5.0(2)N1(1) on Nexus 5000 series switches; and 4.2.x before 4.2.8, 5.0.x before 5.0.5, and 5.1.x before 5.1.1 on Nexus 7000 series switches allows remote attackers to cause a denial of service (netstack process crash and device reload) via a malformed IP packet, aka Bug IDs CSCti23447, CSCti49507, and CSCtj01991.
CVE-2012-5147 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling.