Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-0223 | 2 Opensuse, Redhat | 2 Opensuse, Enterprise Linux | 2023-02-13 | 1.9 LOW | N/A |
| The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the join command, when using the -i switch, which triggers a stack-based buffer overflow in the alloca function. | |||||
| CVE-2013-0183 | 1 Rack Project | 1 Rack | 2023-02-13 | 5.0 MEDIUM | N/A |
| multipart/parser.rb in Rack 1.3.x before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a long string in a Multipart HTTP packet. | |||||
| CVE-2013-0220 | 1 Fedoraproject | 1 Sssd | 2023-02-13 | 5.0 MEDIUM | N/A |
| The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in System Security Services Daemon (SSSD) before 1.9.4 allow remote attackers to cause a denial of service (out-of-bounds read, crash, and restart) via a crafted SSSD packet. | |||||
| CVE-2012-4575 | 2 Pgbouncer Project, Postgresql | 2 Pgbouncer, Postgresql | 2023-02-13 | 5.0 MEDIUM | N/A |
| The add_database function in objects.c in the pgbouncer pooler 1.5.2 for PostgreSQL allows remote attackers to cause a denial of service (daemon outage) via a long database name in a request. | |||||
| CVE-2012-4447 | 1 Libtiff | 1 Libtiff | 2023-02-13 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format. | |||||
| CVE-2012-4445 | 1 W1.fi | 1 Hostapd | 2023-02-13 | 4.3 MEDIUM | N/A |
| Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small "TLS Message Length" value in an EAP-TLS message with the "More Fragments" flag set. | |||||
| CVE-2012-3535 | 1 Uclouvain | 1 Openjpeg | 2023-02-13 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file. | |||||
| CVE-2012-2745 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 4.7 MEDIUM | N/A |
| The copy_creds function in kernel/cred.c in the Linux kernel before 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users to cause a denial of service (panic) via a crafted application that uses the fork system call. | |||||
| CVE-2012-1136 | 2 Freetype, Mozilla | 2 Freetype, Firefox Mobile | 2023-02-13 | 9.3 HIGH | N/A |
| FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field. | |||||
| CVE-2012-1130 | 2 Freetype, Mozilla | 2 Freetype, Firefox Mobile | 2023-02-13 | 9.3 HIGH | N/A |
| FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a PCF font. | |||||
| CVE-2012-2127 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 5.0 MEDIUM | N/A |
| fs/proc/root.c in the procfs implementation in the Linux kernel before 3.2 does not properly interact with CLONE_NEWPID clone system calls, which allows remote attackers to cause a denial of service (reference leak and memory consumption) by making many connections to a daemon that uses PID namespaces to isolate clients, as demonstrated by vsftpd. | |||||
| CVE-2012-1134 | 2 Freetype, Mozilla | 2 Freetype, Firefox Mobile | 2023-02-13 | 9.3 HIGH | N/A |
| FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font. | |||||
| CVE-2012-1137 | 2 Freetype, Mozilla | 2 Freetype, Firefox Mobile | 2023-02-13 | 9.3 HIGH | N/A |
| FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font. | |||||
| CVE-2012-3358 | 1 Uclouvain | 1 Openjpeg | 2023-02-13 | 10.0 HIGH | N/A |
| Multiple heap-based buffer overflows in the j2k_read_sot function in j2k.c in OpenJPEG 1.5 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted (1) tile number or (2) tile length in a JPEG 2000 image file. | |||||
| CVE-2012-1144 | 2 Freetype, Mozilla | 2 Freetype, Firefox Mobile | 2023-02-13 | 9.3 HIGH | N/A |
| FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font. | |||||
| CVE-2012-3364 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 5.0 MEDIUM | N/A |
| Multiple stack-based buffer overflows in the Near Field Communication Controller Interface (NCI) in the Linux kernel before 3.4.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via incoming frames with crafted length fields. | |||||
| CVE-2012-2108 | 1 Csounds | 1 Csound | 2023-02-13 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file. | |||||
| CVE-2012-1140 | 2 Freetype, Mozilla | 2 Freetype, Firefox Mobile | 2023-02-13 | 9.3 HIGH | N/A |
| FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object. | |||||
| CVE-2011-3191 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2023-02-13 | 8.3 HIGH | 8.8 HIGH |
| Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory. | |||||
| CVE-2012-0870 | 2 Rim, Samba | 3 Blackberry Playbook Os, Blackberry Playbook Tablet, Samba | 2023-02-13 | 7.9 HIGH | N/A |
| Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion. | |||||