Total
1465 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-5830 | 6 Apple, Canonical, Mozilla and 3 more | 15 Mac Os X, Ubuntu Linux, Firefox and 12 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document. | |||||
CVE-2012-5829 | 6 Canonical, Debian, Mozilla and 3 more | 14 Ubuntu Linux, Debian Linux, Firefox and 11 more | 2024-11-21 | 9.3 HIGH | N/A |
Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
CVE-2012-5656 | 4 Canonical, Fedoraproject, Inkscape and 1 more | 4 Ubuntu Linux, Fedora, Inkscape and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack. | |||||
CVE-2012-5568 | 2 Apache, Opensuse | 2 Tomcat, Opensuse | 2024-11-21 | 5.0 MEDIUM | N/A |
Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris. | |||||
CVE-2012-5154 | 3 Google, Microsoft, Opensuse | 3 Chrome, Windows, Opensuse | 2024-11-21 | 7.5 HIGH | N/A |
Integer overflow in Google Chrome before 24.0.1312.52 on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to allocation of shared memory. | |||||
CVE-2012-5153 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-11-21 | 7.5 HIGH | N/A |
Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to stack memory. | |||||
CVE-2012-5152 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-11-21 | 5.0 MEDIUM | N/A |
Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving seek operations on video data. | |||||
CVE-2012-5150 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-11-21 | 7.5 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving seek operations on video data. | |||||
CVE-2012-5149 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-11-21 | 7.5 HIGH | N/A |
Integer overflow in the audio IPC layer in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2012-5148 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-11-21 | 7.5 HIGH | N/A |
The hyphenation functionality in Google Chrome before 24.0.1312.52 does not properly validate file names, which has unspecified impact and attack vectors. | |||||
CVE-2012-5147 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-11-21 | 7.5 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling. | |||||
CVE-2012-5146 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-11-21 | 5.0 MEDIUM | N/A |
Google Chrome before 24.0.1312.52 allows remote attackers to bypass the Same Origin Policy via a malformed URL. | |||||
CVE-2012-5145 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-11-21 | 7.5 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG layout. | |||||
CVE-2012-5144 | 4 Canonical, Google, Libav and 1 more | 4 Ubuntu Linux, Chrome, Libav and 1 more | 2024-11-21 | 10.0 HIGH | N/A |
Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrite when switching to LTP profile from MAIN." | |||||
CVE-2012-5143 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-11-21 | 10.0 HIGH | N/A |
Integer overflow in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PPAPI image buffers. | |||||
CVE-2012-5142 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-11-21 | 10.0 HIGH | N/A |
Google Chrome before 23.0.1271.97 does not properly handle history navigation, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | |||||
CVE-2012-5141 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-11-21 | 10.0 HIGH | N/A |
Google Chrome before 23.0.1271.97 does not properly restrict instantiation of the Chromoting client plug-in, which has unspecified impact and attack vectors. | |||||
CVE-2012-5140 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-11-21 | 10.0 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the URL loader. | |||||
CVE-2012-5139 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-11-21 | 10.0 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to visibility events. | |||||
CVE-2012-5138 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-11-21 | 10.0 HIGH | N/A |
Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors. |