Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-4157 | 1 Hp | 3 Centralized Management Console Software, San\/iq, Storageworks P4000 Virtual San Appliance | 2017-08-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on the HP StorageWorks P4000 Virtual SAN Appliance allows remote attackers to execute arbitrary code via a crafted login request. | |||||
| CVE-2011-3491 | 1 Progea | 1 Movicon Powerhmi | 2017-08-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative Content-Length field. | |||||
| CVE-2011-2127 | 1 Adobe | 1 Shockwave Player | 2017-08-29 | 9.3 HIGH | N/A |
| Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2124, and CVE-2011-2128. | |||||
| CVE-2011-2895 | 5 Freebsd, Freetype, Netbsd and 2 more | 5 Freebsd, Freetype, Netbsd and 2 more | 2017-08-29 | 9.3 HIGH | N/A |
| The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896. | |||||
| CVE-2011-2776 | 1 Robert Luberda | 1 Super | 2017-08-29 | 4.4 MEDIUM | N/A |
| Buffer overflow in the Error function in super.c in Super 3.30.0 might allow local users to execute arbitrary code via vectors related to syslog logging. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2011-2328 | 1 Hp | 1 Loadrunner | 2017-08-29 | 6.8 MEDIUM | N/A |
| Buffer overflow in HP LoadRunner allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a .usr (aka Virtual User script) file with long directives. | |||||
| CVE-2011-2962 | 1 Invensys | 1 Wonderware Information Server | 2017-08-29 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in Invensys Wonderware Information Server 3.1, 4.0, and 4.0 SP1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via two unspecified ActiveX controls. | |||||
| CVE-2011-2124 | 1 Adobe | 1 Shockwave Player | 2017-08-29 | 9.3 HIGH | N/A |
| Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2127, and CVE-2011-2128. | |||||
| CVE-2010-5145 | 2 Microsoft, Websense | 3 Windows, Websense Web Filter, Websense Web Security | 2017-08-29 | 4.3 MEDIUM | N/A |
| The Filtering Service in Websense Web Security and Web Filter before 6.3.1 Hotfix 136 and 7.x before 7.1.1 on Windows allows remote attackers to cause a denial of service (filtering outage) via a crafted sequence of characters in a URI. | |||||
| CVE-2011-2423 | 1 Adobe | 1 Shockwave Player | 2017-08-29 | 10.0 HIGH | N/A |
| msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2011-2217 | 2 Tomsawyer, Vmware | 3 Get Extension Factory, Infrastructure, Virtual Infrastructure Client | 2017-08-29 | 9.3 HIGH | N/A |
| Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly handle attempted initialization within Internet Explorer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document. | |||||
| CVE-2011-2900 | 3 Shttpd, Valenok, Yassl | 3 Shttpd, Mongoose, Yasslews | 2017-08-29 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir function in yasslEWS.c in yaSSL Embedded Web Server (yasslEWS) 0.2, and (3) _shttpd_put_dir function in io_dir.c in Simple HTTPD (shttpd) 1.42 allows remote attackers to execute arbitrary code via an HTTP PUT request, as exploited in the wild in 2011. | |||||
| CVE-2011-2595 | 1 Acdsee | 1 Fotoslate | 2017-08-29 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in ACDSee FotoSlate 4.0 Build 146 allow remote attackers to execute arbitrary code via a long id parameter in a (1) String or (2) Int tag in a FotoSlate Project (aka PLP) file. | |||||
| CVE-2011-2594 | 1 Kmplayer | 1 Kmplayer | 2017-08-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in KMPlayer 3.0.0.1441, and possibly other versions, allows remote attackers to execute arbitrary code via a playlist (.KPL) file with a long Title field. | |||||
| CVE-2011-2940 | 1 Stunnel | 1 Stunnel | 2017-08-29 | 9.3 HIGH | N/A |
| stunnel 4.40 and 4.41 might allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | |||||
| CVE-2011-2126 | 1 Adobe | 1 Shockwave Player | 2017-08-29 | 9.3 HIGH | N/A |
| Buffer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-2529 | 1 Digium | 1 Asterisk | 2017-08-29 | 5.0 MEDIUM | N/A |
| chan_sip.c in the SIP channel driver in Asterisk Open Source 1.6.x before 1.6.2.18.1 and 1.8.x before 1.8.4.3 does not properly handle '\0' characters in SIP packets, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted packet. | |||||
| CVE-2011-2589 | 1 Uusee | 2 Uuplayer Activex Control, Uusee | 2017-08-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the SendLogAction method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2 might allow remote attackers to execute arbitrary code via a long argument. | |||||
| CVE-2010-5193 | 1 Viscomsoft | 2 Image Viewer Cp Gold Sdk, Image Viewer Cp Pro Sdk | 2017-08-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the TIFMergeMultiFiles function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0 and Gold 6.0 allows remote attackers to execute arbitrary code via a long strDelimit parameter. | |||||
| CVE-2011-2125 | 1 Adobe | 1 Shockwave Player | 2017-08-29 | 9.3 HIGH | N/A |
| Buffer overflow in Dirapix.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors. | |||||