Total
2546 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-4296 | 3 Opensuse, Sun, Wireshark | 3 Opensuse, Sunos, Wireshark | 2024-02-28 | 3.3 LOW | N/A |
Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet. | |||||
CVE-2012-3722 | 1 Apple | 3 Iphone Os, Mac Os X, Mac Os X Server | 2024-02-28 | 6.8 MEDIUM | N/A |
The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding. | |||||
CVE-2013-1339 | 1 Microsoft | 6 Windows 7, Windows 8, Windows Rt and 3 more | 2024-02-28 | 9.0 HIGH | N/A |
The Print Spooler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly manage memory during deletion of printer connections, which allows remote authenticated users to execute arbitrary code via a crafted request, aka "Print Spooler Vulnerability." | |||||
CVE-2012-5237 | 1 Wireshark | 1 Wireshark | 2024-02-28 | 3.3 LOW | N/A |
The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. | |||||
CVE-2012-4703 | 1 Emerson | 3 Deltav Se3006 Sd Plus Controller, Deltav Ve3005 Controller Md, Deltav Ve3006 Controller Md Plus | 2024-02-28 | 6.1 MEDIUM | N/A |
The Emerson DeltaV SE3006 through 11.3.1, DeltaV VE3005 through 10.3.1 and 11.x through 11.3.1, and DeltaV VE3006 through 10.3.1 and 11.x through 11.3.1 allow remote attackers to cause a denial of service (device restart) via a crafted packet on (1) TCP port 23, (2) UDP port 161, or (3) TCP port 513. | |||||
CVE-2011-4874 | 1 Microsys | 1 Promotic | 2024-02-28 | 7.9 HIGH | N/A |
Use-after-free vulnerability in MICROSYS PROMOTIC before 8.1.7 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (data corruption and application crash) via a crafted project (aka .pra) file. | |||||
CVE-2013-0093 | 1 Microsoft | 9 Internet Explorer, Windows 7, Windows 8 and 6 more | 2024-02-28 | 9.3 HIGH | N/A |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer onBeforeCopy Use After Free Vulnerability." | |||||
CVE-2013-4232 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2024-02-28 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in the t2p_readwrite_pdf_image function in tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted TIFF image. | |||||
CVE-2013-1305 | 1 Microsoft | 3 Windows 8, Windows Rt, Windows Server 2012 | 2024-02-28 | 7.8 HIGH | N/A |
HTTP.sys in Microsoft Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP header, aka "HTTP.sys Denial of Service Vulnerability." | |||||
CVE-2013-1685 | 1 Mozilla | 4 Firefox, Firefox Esr, Thunderbird and 1 more | 2024-02-28 | 9.3 HIGH | N/A |
Use-after-free vulnerability in the nsIDocument::GetRootElement function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site. | |||||
CVE-2013-0025 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 9.3 HIGH | N/A |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SLayoutRun Use After Free Vulnerability." | |||||
CVE-2011-3105 | 1 Google | 1 Chrome | 2024-02-28 | 7.5 HIGH | N/A |
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. | |||||
CVE-2013-0920 | 1 Google | 1 Chrome | 2024-02-28 | 7.5 HIGH | N/A |
Use-after-free vulnerability in the extension bookmarks API in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2012-2831 | 1 Google | 1 Chrome | 2024-02-28 | 7.5 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG references. | |||||
CVE-2013-2925 | 1 Google | 1 Chrome | 2024-02-28 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger multiple conflicting uses of the same XMLHttpRequest object. | |||||
CVE-2013-1686 | 1 Mozilla | 4 Firefox, Firefox Esr, Thunderbird and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | |||||
CVE-2013-3385 | 1 Cisco | 4 Content Security Management, Email Security Appliance Firmware, Ironport Asyncos and 1 more | 2024-02-28 | 7.8 HIGH | N/A |
The management GUI in the web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 before 7.5.0-838, and 7.7 before 7.7.0-602; Email Security Appliance devices before 7.1.5-106 and 7.3, 7.5, and 7.6 before 7.6.3-019; and Content Security Management Appliance devices before 7.9.1-102 and 8.0 before 8.0.0-404 allows remote attackers to cause a denial of service (system hang) via a series of (1) HTTP or (2) HTTPS requests to a management interface, aka Bug IDs CSCzv58669, CSCzv63329, and CSCzv78669. | |||||
CVE-2013-2927 | 3 Debian, Google, Opensuse | 3 Debian Linux, Chrome, Opensuse | 2024-02-28 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in the HTMLFormElement::prepareForSubmission function in core/html/HTMLFormElement.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to submission for FORM elements. | |||||
CVE-2011-3946 | 1 Ffmpeg | 1 Ffmpeg | 2024-02-28 | 6.8 MEDIUM | N/A |
The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Supplemental enhancement information (SEI) data, which triggers an infinite loop. | |||||
CVE-2013-2873 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-02-28 | 7.5 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a 404 HTTP status code during the loading of resources. |