Export limit exceeded: 20907 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20907 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-0779 | 3 Canonical, Mozilla, Opensuse | 6 Ubuntu Linux, Firefox, Seamonkey and 3 more | 2025-04-11 | N/A |
| The nsCodingStateMachine::NextState function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2010-4540 | 2 Gimp, Redhat | 2 Gimp, Enterprise Linux | 2025-04-11 | N/A |
| Stack-based buffer overflow in the load_preset_response function in plug-ins/lighting/lighting-ui.c in the "LIGHTING EFFECTS > LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Position field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2013-0760 | 4 Canonical, Mozilla, Opensuse and 1 more | 9 Ubuntu Linux, Firefox, Seamonkey and 6 more | 2025-04-11 | N/A |
| Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document. | ||||
| CVE-2011-3970 | 4 Google, Redhat, Suse and 1 more | 6 Chrome, Enterprise Linux, Linux Enterprise Desktop and 3 more | 2025-04-11 | N/A |
| libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2010-4531 | 2 Muscle, Redhat | 2 Pcsc-lite, Enterprise Linux | 2025-04-11 | N/A |
| Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service (crash) and possibly execute arbitrary code via a smart card with an ATR message containing a long attribute value. | ||||
| CVE-2011-1006 | 2 Balbir Singh, Redhat | 2 Libcgroup, Enterprise Linux | 2025-04-11 | N/A |
| Heap-based buffer overflow in the parse_cgroup_spec function in tools/tools-common.c in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 allows local users to gain privileges via a crafted controller list on the command line of an application. NOTE: it is not clear whether this issue crosses privilege boundaries. | ||||
| CVE-2010-4253 | 4 Apache, Canonical, Debian and 1 more | 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more | 2025-04-11 | N/A |
| Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file in an ODF or Microsoft Office document, as demonstrated by a PowerPoint (aka PPT) document. | ||||
| CVE-2010-4643 | 2 Apache, Redhat | 2 Openoffice, Enterprise Linux | 2025-04-11 | N/A |
| Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file in an ODF or Microsoft Office document. | ||||
| CVE-2012-5964 | 1 Portable Sdk For Upnp Project | 1 Portable Sdk For Upnp | 2025-04-11 | N/A |
| Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) 1.3.1 allows remote attackers to execute arbitrary code via a long ServiceType (aka urn service) field in a UDP packet. | ||||
| CVE-2012-1173 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-11 | N/A |
| Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer overflow. | ||||
| CVE-2013-2893 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Mrg | 2025-04-11 | N/A |
| The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device, related to (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c. | ||||
| CVE-2012-5965 | 1 Portable Sdk For Upnp Project | 1 Portable Sdk For Upnp | 2025-04-11 | N/A |
| Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) 1.3.1 allows remote attackers to execute arbitrary code via a long DeviceType (aka urn device) field in a UDP packet. | ||||
| CVE-2013-2895 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Mrg | 2025-04-11 | N/A |
| drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LOGITECH_DJ is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or obtain sensitive information from kernel memory via a crafted device. | ||||
| CVE-2013-7038 | 1 Gnu | 1 Libmicrohttpd | 2025-04-11 | N/A |
| The MHD_http_unescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service (crash) via unspecified vectors that trigger an out-of-bounds read. | ||||
| CVE-2011-3026 | 5 Apple, Google, Opensuse and 2 more | 8 Iphone Os, Mac Os X, Mac Os X Server and 5 more | 2025-04-11 | N/A |
| Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. | ||||
| CVE-2011-3323 | 2 Quagga, Redhat | 2 Quagga, Enterprise Linux | 2025-04-11 | N/A |
| The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) via a Link State Update message with an invalid IPv6 prefix length. | ||||
| CVE-2011-1455 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 11.0.696.57 does not properly handle PDF documents with multipart encoding, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. | ||||
| CVE-2011-1590 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2025-04-11 | N/A |
| The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file. | ||||
| CVE-2013-6640 | 2 Google, Redhat | 5 Chrome, V8, Rhel Software Collections and 2 more | 2025-04-11 | N/A |
| The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds read) via JavaScript code that sets a variable to the value of an array element with a crafted index. | ||||
| CVE-2011-3893 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||