Search Results (15959 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-4004 1 Cisco 1 Webex Recording Format Player 2025-04-11 N/A
Buffer overflow in the ATAS32 processing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file.
CVE-2009-4676 1 Cowon America 1 Jetaudio 2025-04-11 N/A
Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long title in a FLAC file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2012-4335 1 Samsung 1 Net-i Viewer 2025-04-11 N/A
Samsung NET-i viewer 1.37.120316 allows remote attackers to cause a denial of service (infinite loop) via a negative size value in a TCP request to (1) NiwMasterService or (2) NiwStorageService. NOTE: some of these details are obtained from third party information.
CVE-2011-0501 1 Musanim 1 Music Animation Machine Midi Player 2025-04-11 N/A
Stack-based buffer overflow in Music Animation Machine MIDI Player 2006aug19 Release 035 and possibly other versions allows user-assisted remote attackers to execute arbitrary code via a long line in a .mamx file.
CVE-2012-4447 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2025-04-11 N/A
Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format.
CVE-2012-4465 1 Lars Hjemli 1 Cgit 2025-04-11 N/A
Heap-based buffer overflow in the substr function in parsing.c in cgit 0.9.0.3 and earlier allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via an empty username in the "Author" field in a commit.
CVE-2013-3182 1 Microsoft 1 Windows Server 2012 2025-04-11 N/A
The Windows NAT Driver (aka winnat) service in Microsoft Windows Server 2012 does not properly validate memory addresses during the processing of ICMP packets, which allows remote attackers to cause a denial of service (memory corruption and system hang) via crafted packets, aka "Windows NAT Denial of Service Vulnerability."
CVE-2013-3183 1 Microsoft 6 Windows 7, Windows 8, Windows Rt and 3 more 2025-04-11 N/A
The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly perform memory allocation for inbound ICMPv6 packets, which allows remote attackers to cause a denial of service (system hang) via crafted packets, aka "ICMPv6 Vulnerability."
CVE-2011-3873 1 Google 1 Chrome 2025-04-11 N/A
Google Chrome before 14.0.835.202 does not properly implement shader translation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2010-1458 2 Microsoft, Tweakfs 2 Flight Simulator X, Tweakfs Zip Utility 2025-04-11 N/A
Stack-based buffer overflow in Create and Extract Zips TweakFS Zip Utility 1.0 for Flight Simulator X (FSX) allows remote attackers to execute arbitrary code via a long filename in a ZIP archive.
CVE-2010-2028 1 Mgenti 1 Tftputil Gui 2025-04-11 N/A
Buffer overflow in k23productions TFTPUtil GUI (aka TFTPGUI) 1.4.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long transport mode.
CVE-2010-4393 1 Realnetworks 2 Realplayer, Realplayer Sp 2025-04-11 N/A
Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.x before 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted header in an AVI file.
CVE-2010-2185 3 Adobe, Macromedia, Redhat 4 Air, Flash Player, Flash Player and 1 more 2025-04-11 N/A
Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors.
CVE-2011-3604 1 Litech 1 Router Advertisement Daemon 2025-04-11 N/A
The process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows remote attackers to cause a denial of service (stack-based buffer over-read and crash) via unspecified vectors.
CVE-2012-6616 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
The mov_text_decode_frame function in libavcodec/movtextdec.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via crafted 3GPP TS 26.245 data.
CVE-2010-1814 4 Apple, Canonical, Redhat and 1 more 5 Iphone Os, Ipod Touch, Ubuntu Linux and 2 more 2025-04-11 N/A
WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus.
CVE-2010-2704 1 Hp 1 Openview Network Node Manager 2025-04-11 N/A
Buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long HTTP request to nnmrptconfig.exe.
CVE-2011-3499 1 Progea 1 Movicon Powerhmi 2025-04-11 N/A
Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an EIDP packet with a large size field, which writes a zero byte to an arbitrary memory location.
CVE-2010-4216 1 Ibm 1 Tivoli Directory Server 2025-04-11 N/A
IBM Tivoli Directory Server (TDS) 6.0.0.x before 6.0.0.8-TIV-ITDS-IF0007 does not properly handle invalid buffer references in LDAP BER requests, which might allow remote attackers to cause a denial of service (daemon crash) via vectors involving a buffer that has a memory address near the maximum possible address.
CVE-2011-3498 1 Progea 1 Movicon Powerhmi 2025-04-11 N/A
Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request.