Vulnerabilities (CVE)

Filtered by CWE-189
Total 1222 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-1582 1 Wireshark 1 Wireshark 2024-11-21 2.9 LOW N/A
The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly manage an offset variable, which allows remote attackers to cause a denial of service (infinite loop or application crash) via a malformed packet.
CVE-2013-1462 1 Miniupnp Project 1 Miniupnpd 2024-11-21 7.8 HIGH N/A
Integer signedness error in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (incorrect memory copy) via a SOAPAction header that lacks a " (double quote) character, a different vulnerability than CVE-2013-0230.
CVE-2013-1329 1 Microsoft 1 Publisher 2024-11-21 9.3 HIGH N/A
Integer signedness error in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers a buffer underflow, aka "Publisher Buffer Underflow Vulnerability."
CVE-2013-1327 1 Microsoft 1 Publisher 2024-11-21 9.3 HIGH N/A
Integer signedness error in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers an improper memory allocation, aka "Publisher Signed Integer Vulnerability."
CVE-2013-0913 2 Linux, Opensuse 2 Linux Kernel, Opensuse 2024-11-21 7.2 HIGH N/A
Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition.
CVE-2013-0876 1 Ffmpeg 1 Ffmpeg 2024-11-21 9.3 HIGH N/A
Multiple integer overflows in the (1) old_codec37 and (2) old_codec47 functions in libavcodec/sanm.c in FFmpeg before 1.1.3 allow remote attackers to have an unspecified impact via crafted LucasArts Smush data, which triggers an out-of-bounds array access.
CVE-2013-0875 1 Ffmpeg 1 Ffmpeg 2024-11-21 9.3 HIGH N/A
The ff_add_png_paeth_prediction function in libavcodec/pngdec.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via a crafted PNG image, related to an out-of-bounds array access.
CVE-2013-0864 1 Ffmpeg 1 Ffmpeg 2024-11-21 10.0 HIGH N/A
The gif_copy_img_rect function in libavcodec/gifdec.c in FFmpeg before 1.1.2 performs an incorrect calculation for an "end pointer," which allows remote attackers to have an unspecified impact via crafted GIF data that triggers an out-of-bounds array access.
CVE-2013-0862 1 Ffmpeg 1 Ffmpeg 2024-11-21 9.3 HIGH N/A
Multiple integer overflows in the process_frame_obj function in libavcodec/sanm.c in FFmpeg before 1.1.2 allow remote attackers to have an unspecified impact via crafted image dimensions in LucasArts Smush video data, which triggers an out-of-bounds array access.
CVE-2013-0859 1 Ffmpeg 1 Ffmpeg 2024-11-21 9.3 HIGH N/A
The add_doubles_metadata function in libavcodec/tiff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a negative or zero count value in a TIFF image, which triggers an out-of-bounds array access.
CVE-2013-0855 1 Ffmpeg 1 Ffmpeg 2024-11-21 9.3 HIGH N/A
Integer overflow in the alac_decode_close function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Lossless Audio Codec (ALAC) data, which triggers an out-of-bounds array access.
CVE-2013-0853 1 Ffmpeg 1 Ffmpeg 2024-11-21 9.3 HIGH N/A
The wavpack_decode_frame function in libavcodec/wavpack.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted WavPack data, which triggers an out-of-bounds array access, possibly due to an off-by-one error.
CVE-2013-0844 1 Ffmpeg 1 Ffmpeg 2024-11-21 9.3 HIGH N/A
Off-by-one error in the adpcm_decode_frame function in libavcodec/adpcm.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via crafted DK4 data, which triggers an out-of-bounds array access.
CVE-2013-0646 5 Adobe, Apple, Google and 2 more 9 Adobe Air, Adobe Air Sdk, Adobe Air Sdk And Compiler and 6 more 2024-11-21 10.0 HIGH N/A
Integer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2013-0639 5 Adobe, Apple, Google and 2 more 7 Air, Air Sdk, Flash Player and 4 more 2024-11-21 10.0 HIGH N/A
Integer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2013-0613 1 Adobe 2 Acrobat, Acrobat Reader 2024-11-21 10.0 HIGH N/A
Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0609.
CVE-2013-0609 1 Adobe 2 Acrobat, Acrobat Reader 2024-11-21 10.0 HIGH N/A
Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0613.
CVE-2013-0312 1 Fedoraproject 1 389 Directory Server 2024-11-21 5.0 MEDIUM N/A
389 Directory Server before 1.3.0.4 allows remote attackers to cause a denial of service (crash) via a zero length LDAP control sequence.
CVE-2013-0306 2 Canonical, Djangoproject 2 Ubuntu Linux, Django 2024-11-21 5.0 MEDIUM N/A
The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 allows remote attackers to bypass intended resource limits for formsets and cause a denial of service (memory consumption) or trigger server errors via a modified max_num parameter.
CVE-2013-0228 1 Linux 1 Linux Kernel 2024-11-21 6.2 MEDIUM N/A
The xen_iret function in arch/x86/xen/xen-asm_32.S in the Linux kernel before 3.7.9 on 32-bit Xen paravirt_ops platforms does not properly handle an invalid value in the DS segment register, which allows guest OS users to gain guest OS privileges via a crafted application.