Total
2546 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-2476 | 2 Opensuse, Wireshark | 2 Opensuse, Wireshark | 2024-02-28 | 6.1 MEDIUM | N/A |
The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a packet with a header that is too short. | |||||
CVE-2013-2231 | 2 Microsoft, Redhat | 5 Windows, Enterprise Linux, Enterprise Linux Desktop Supplementary and 2 more | 2024-02-28 | 7.2 HIGH | N/A |
Unquoted Windows search path vulnerability in the QEMU Guest Agent service for Red Hat Enterprise Linux Desktop 6, HPC Node 6, Server 6, Workstation 6, Desktop Supplementary 6, Server Supplementary 6, Supplementary AUS 6.4, Supplementary EUS 6.4.z, and Workstation Supplementary 6, when installing on Windows, allows local users to gain privileges via a crafted program in an unspecified folder. | |||||
CVE-2013-1843 | 1 Typo3 | 1 Typo3 | 2024-02-28 | 6.4 MEDIUM | N/A |
Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | |||||
CVE-2012-0661 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-28 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in QuickTime in Apple Mac OS X 10.7.x before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding. | |||||
CVE-2012-4291 | 4 Opensuse, Redhat, Sun and 1 more | 4 Opensuse, Enterprise Linux, Sunos and 1 more | 2024-02-28 | 3.3 LOW | N/A |
The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. | |||||
CVE-2012-6333 | 1 Xen | 1 Xen | 2024-02-28 | 4.7 MEDIUM | N/A |
Multiple HVM control operations in Xen 3.4 through 4.2 allow local HVM guest OS administrators to cause a denial of service (physical CPU consumption) via a large input. | |||||
CVE-2013-2176 | 1 Redhat | 1 Enterprise Virtualization | 2024-02-28 | 7.2 HIGH | N/A |
Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application. | |||||
CVE-2012-2553 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2024-02-28 | 7.2 HIGH | N/A |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application, aka "Win32k Use After Free Vulnerability." | |||||
CVE-2013-1962 | 1 Redhat | 1 Libvirt | 2024-02-28 | 5.0 MEDIUM | N/A |
The remoteDispatchStoragePoolListAllVolumes function in the storage pool manager in libvirt 1.0.5 allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of requests "to list all volumes for the particular pool." | |||||
CVE-2011-3086 | 1 Google | 1 Chrome | 2024-02-28 | 10.0 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a STYLE element. | |||||
CVE-2013-2924 | 1 Google | 1 Chrome | 2024-02-28 | 7.5 HIGH | N/A |
Use-after-free vulnerability in International Components for Unicode (ICU), as used in Google Chrome before 30.0.1599.66 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2013-0996 | 2 Apple, Microsoft | 4 Itunes, Windows 7, Windows Vista and 1 more | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | |||||
CVE-2012-0845 | 1 Python | 1 Python | 2024-02-28 | 5.0 MEDIUM | N/A |
SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header. | |||||
CVE-2013-0987 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2024-02-28 | 9.3 HIGH | N/A |
Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QTIF file. | |||||
CVE-2013-0088 | 1 Microsoft | 9 Internet Explorer, Windows 7, Windows 8 and 6 more | 2024-02-28 | 9.3 HIGH | N/A |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer saveHistory Use After Free Vulnerability." | |||||
CVE-2013-2903 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-02-28 | 7.5 HIGH | N/A |
Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving moving a (1) AUDIO or (2) VIDEO element between documents. | |||||
CVE-2013-2904 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-02-28 | 7.5 HIGH | N/A |
Use-after-free vulnerability in the Document::finishedParsing function in core/dom/Document.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via an onload event that changes an IFRAME element so that its src attribute is no longer an XML document, leading to unintended garbage collection of this document. | |||||
CVE-2013-2870 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-02-28 | 9.3 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote servers to execute arbitrary code via crafted response traffic after a URL request. | |||||
CVE-2012-0176 | 1 Microsoft | 1 Silverlight | 2024-02-28 | 9.3 HIGH | N/A |
Double free vulnerability in Microsoft Silverlight 4 before 4.1.10329 on Windows allows remote attackers to execute arbitrary code via vectors involving crafted XAML glyphs, aka "Silverlight Double-Free Vulnerability." | |||||
CVE-2013-6635 | 1 Google | 1 Chrome | 2024-02-28 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in the editing implementation in Blink, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that triggers removal of a node during processing of the DOM tree, related to CompositeEditCommand.cpp and ReplaceSelectionCommand.cpp. |