Total
2548 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-2438 | 1 Awcm-cms | 1 Ar Web Content Manager | 2024-11-21 | 5.0 MEDIUM | N/A |
ar web content manager (AWCM) 2.2 does not restrict the number of comment records that can be submitted through HTTP requests, which allows remote attackers to cause a denial of service (disk consumption) via the coment parameter to (1) show_video.php or (2) topic.php. | |||||
CVE-2012-2426 | 1 Xarrow | 1 Xarrow | 2024-11-21 | 7.8 HIGH | N/A |
The server in xArrow before 3.4.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via unspecified vectors. | |||||
CVE-2012-2419 | 2 Intuit, Microsoft | 2 Quickbooks, Internet Explorer | 2024-11-21 | 1.8 LOW | N/A |
Memory leak in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allows remote attackers to cause a denial of service (memory consumption) via a URI with multiple references to the same name-value pair. | |||||
CVE-2012-2392 | 1 Wireshark | 1 Wireshark | 2024-11-21 | 3.3 LOW | N/A |
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors. | |||||
CVE-2012-2390 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | N/A |
Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows local users to cause a denial of service (memory consumption or system crash) via invalid MAP_HUGETLB mmap operations. | |||||
CVE-2012-2385 | 1 Keith Winstein | 1 Mosh | 2024-11-21 | 4.0 MEDIUM | N/A |
The terminal dispatcher in mosh before 1.2.1 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value. | |||||
CVE-2012-2214 | 1 Pidgin | 1 Pidgin | 2024-11-21 | 3.5 LOW | N/A |
proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (application crash) via a sequence of XMPP file-transfer requests. | |||||
CVE-2012-2210 | 1 Sony | 1 Bravia Tv | 2024-11-21 | 7.8 HIGH | N/A |
The Sony Bravia TV KDL-32CX525 allows remote attackers to cause a denial of service (configuration outage or device crash) via a flood of TCP SYN packets, as demonstrated by hping, a related issue to CVE-1999-0116. | |||||
CVE-2012-2199 | 2 Ibm, Oracle | 2 Websphere Mq, Solaris | 2024-11-21 | 5.0 MEDIUM | N/A |
The server message channel agent in the queue manager in the server in IBM WebSphere MQ 7.0.1 before 7.0.1.9, 7.1, and 7.5 on Solaris allows remote attackers to cause a denial of service (invalid address alignment exception and daemon crash) via vectors involving a multiplexed channel. | |||||
CVE-2012-2192 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | 4.9 MEDIUM | N/A |
The socketpair function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.1.4-FP-25 SP-02 allows local users to cause a denial of service (system crash) via a crafted application that leverages the presence of a socket on the free list. | |||||
CVE-2012-2147 | 1 Munin-monitoring | 1 Munin | 2024-11-21 | 5.0 MEDIUM | N/A |
munin-cgi-graph in Munin 2.0 rc4 allows remote attackers to cause a denial of service (disk or memory consumption) via many image requests with large values in the (1) size_x or (2) size_y parameters. | |||||
CVE-2012-2145 | 1 Apache | 1 Qpid | 2024-11-21 | 5.0 MEDIUM | N/A |
Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of incomplete connections. | |||||
CVE-2012-2134 | 1 Martin Nagy | 1 Bind-dyndb-ldap | 2024-11-21 | 4.3 MEDIUM | N/A |
The handle_connection_error function in ldap_helper.c in bind-dyndb-ldap before 1.1.0rc1 does not properly handle LDAP query errors, which allows remote attackers to cause a denial of service (infinite loop and named server hang) via a non-alphabet character in the base DN in an LDAP search DNS query. | |||||
CVE-2012-2133 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.0 MEDIUM | N/A |
Use-after-free vulnerability in the Linux kernel before 3.3.6, when huge pages are enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges by interacting with a hugetlbfs filesystem, as demonstrated by a umount operation that triggers improper handling of quota data. | |||||
CVE-2012-2124 | 2 Redhat, Squirrelmail | 2 Enterprise Linux, Squirrelmail | 2024-11-21 | 5.0 MEDIUM | N/A |
functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preference files. NOTE: this issue exists because of an incorrect fix for CVE-2010-2813. | |||||
CVE-2012-2027 | 1 Adobe | 3 Photoshop, Photoshop Cs4, Photoshop Cs5.5 | 2024-11-21 | 9.3 HIGH | N/A |
Use-after-free vulnerability in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 12.1.x before 12.1.1 allows remote attackers to execute arbitrary code via a crafted TIFF (aka .TIF) file. | |||||
CVE-2012-1962 | 1 Mozilla | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2024-11-21 | 10.0 HIGH | N/A |
Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving strings with multiple dependencies. | |||||
CVE-2012-1958 | 1 Mozilla | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2024-11-21 | 9.3 HIGH | N/A |
Use-after-free vulnerability in the nsGlobalWindow::PageHidden function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 might allow remote attackers to execute arbitrary code via vectors related to focused content. | |||||
CVE-2012-1954 | 1 Mozilla | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2024-11-21 | 10.0 HIGH | N/A |
Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors involving multiple adoptions and empty documents. | |||||
CVE-2012-1952 | 1 Mozilla | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2024-11-21 | 9.3 HIGH | N/A |
The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and column-group frames, which might allow remote attackers to execute arbitrary code via a crafted web site. |