Search Results (1468 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-2879 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service (DOM topology corruption) via a crafted document.
CVE-2013-2485 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2025-04-11 N/A
The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
CVE-2012-2882 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
FFmpeg, as used in Google Chrome before 22.0.1229.79, does not properly handle OGG containers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "wild pointer" issue.
CVE-2012-2886 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Google V8 bindings, aka "Universal XSS (UXSS)."
CVE-2013-2487 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2025-04-11 N/A
epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, related to the (1) dissect_icecandidates, (2) dissect_kinddata, (3) dissect_nodeid_list, (4) dissect_storeans, (5) dissect_storereq, (6) dissect_storeddataspecifier, (7) dissect_fetchreq, (8) dissect_findans, (9) dissect_diagnosticinfo, (10) dissect_diagnosticresponse, (11) dissect_reload_messagecontents, and (12) dissect_reload_message functions, a different vulnerability than CVE-2013-2486.
CVE-2012-2887 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving onclick events.
CVE-2013-2488 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2025-04-11 N/A
The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location.
CVE-2012-2888 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG text references.
CVE-2013-2555 8 Adobe, Apple, Google and 5 more 14 Air, Flash Player, Macos and 11 more 2025-04-11 N/A
Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.
CVE-2013-2765 3 Apache, Opensuse, Trustwave 3 Http Server, Opensuse, Modsecurity 2025-04-11 N/A
The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.
CVE-2012-4528 3 Fedoraproject, Opensuse, Trustwave 3 Fedora, Opensuse, Modsecurity 2025-04-11 N/A
The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
CVE-2012-5133 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters.
CVE-2012-5136 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
Google Chrome before 23.0.1271.91 does not properly perform a cast of an unspecified variable during handling of the INPUT element, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document.
CVE-2012-5138 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors.
CVE-2012-5139 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to visibility events.
CVE-2012-5140 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the URL loader.
CVE-2012-5148 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
The hyphenation functionality in Google Chrome before 24.0.1312.52 does not properly validate file names, which has unspecified impact and attack vectors.
CVE-2012-5149 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
Integer overflow in the audio IPC layer in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2012-5153 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to stack memory.
CVE-2011-0461 1 Opensuse 1 Opensuse 2025-04-11 N/A
/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and before 11.3-8.7.1 in openSUSE 11.3, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/mtab.