Total
2546 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-1234 | 1 Microsoft | 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more | 2024-02-28 | 7.2 HIGH | N/A |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | |||||
CVE-2011-1314 | 1 Ibm | 1 Websphere Application Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The Service Integration Bus (SIB) messaging engine in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (daemon hang) by performing close operations via network connections to a queue manager. | |||||
CVE-2010-2767 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2024-02-28 | 9.3 HIGH | N/A |
The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted access to the navigator object, related to a "dangling pointer vulnerability." | |||||
CVE-2011-0065 | 1 Mozilla | 2 Firefox, Seamonkey | 2024-02-28 | 10.0 HIGH | N/A |
Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mChannel. | |||||
CVE-2010-4644 | 1 Apache | 1 Subversion | 2024-02-28 | 3.5 LOW | N/A |
Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command. | |||||
CVE-2010-0049 | 1 Apple | 1 Safari | 2024-02-28 | 9.3 HIGH | N/A |
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality. | |||||
CVE-2009-4875 | 1 Frederico Caldeira Knabben | 1 Fckeditor.java | 2024-02-28 | 5.0 MEDIUM | N/A |
FCKeditor.Java 2.4 allows remote attackers to cause a denial of service (infinite loop) via a malformed request parameter that contains "ctrl" characters. | |||||
CVE-2011-1983 | 1 Microsoft | 1 Office | 2024-02-28 | 9.3 HIGH | N/A |
Use-after-free vulnerability in Microsoft Office 2007 SP2 and SP3, Office 2010 Gold and SP1, and Office for Mac 2011 allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Use After Free Vulnerability." | |||||
CVE-2011-1385 | 1 Ibm | 2 Aix, Vios | 2024-02-28 | 7.8 HIGH | N/A |
IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than CVE-2012-0194. | |||||
CVE-2012-0789 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache. | |||||
CVE-2011-3450 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-28 | 6.8 MEDIUM | N/A |
CoreUI in Apple Mac OS X 10.7.x before 10.7.3 does not properly restrict the allocation of stack memory, which allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption and application crash) via a long URL. | |||||
CVE-2011-3987 | 1 Daemon-tools | 1 Daemon Tools | 2024-02-28 | 4.9 MEDIUM | N/A |
dtsoftbus01.sys in DAEMON Tools Lite before 4.41.3, Pro Standard before 4.41.0315, and Pro Advanced before 4.41.0315 allows local users to cause a denial of service (system crash) via an invalid DeviceIoControl request to \\.\dtsoftbusctl. | |||||
CVE-2008-7288 | 1 Ibm | 2 Aix, Tivoli Directory Server | 2024-02-28 | 5.0 MEDIUM | N/A |
IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 on AIX allows remote attackers to cause a denial of service (server destabilization) via an anonymous DIGEST-MD5 LDAP Bind operation. | |||||
CVE-2011-0944 | 1 Cisco | 1 Ios | 2024-02-28 | 7.8 HIGH | N/A |
Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (device reload) via malformed IPv6 packets, aka Bug ID CSCtj41194. | |||||
CVE-2010-0410 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-02-28 | 4.9 MEDIUM | N/A |
drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages. | |||||
CVE-2011-0391 | 1 Cisco | 2 Telepresence Recording Server, Telepresence Recording Server Software | 2024-02-28 | 7.8 HIGH | N/A |
Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via a malformed request, related to an "ad hoc recording" issue, aka Bug ID CSCtf97205. | |||||
CVE-2011-0393 | 1 Cisco | 4 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 1 more | 2024-02-28 | 7.8 HIGH | N/A |
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.12), 7.1 and 7.2 before 7.2(5.2), 8.0 before 8.0(5.21), 8.1 before 8.1(2.49), 8.2 before 8.2(3.6), and 8.3 before 8.3(2.7) and Cisco PIX Security Appliances 500 series devices, when transparent firewall mode is configured but IPv6 is not configured, allow remote attackers to cause a denial of service (packet buffer exhaustion and device outage) via IPv6 traffic, aka Bug ID CSCtj04707. | |||||
CVE-2009-4914 | 1 Cisco | 1 Asa 5580 | 2024-02-28 | 7.8 HIGH | N/A |
Memory leak on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via Subject Alternative Name fields in an X.509 certificate, aka Bug ID CSCsq17879. | |||||
CVE-2010-2120 | 1 Google | 1 Chrome | 2024-02-28 | 4.3 MEDIUM | N/A |
Google Chrome 1.0.154.48 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs. | |||||
CVE-2011-3318 | 1 Cisco | 4 Video Surveillance 2421, Video Surveillance 2500, Video Surveillance 2600 and 1 more | 2024-02-28 | 7.8 HIGH | N/A |
Cisco Video Surveillance 2421 and 2500 series cameras with software 1.1.x and 2.x before 2.4.0 and Video Surveillance 2600 series cameras with software before 4.2.0-13 allow remote attackers to cause a denial of service (device reload) by sending crafted RTSP packets over TCP, aka Bug IDs CSCtj96312, CSCtj39462, and CSCtl80175. |