Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-5211 | 1 Attachmate | 1 Reflection Ftp Client | 2015-01-28 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the Attachmate Reflection FTP Client before 14.1.433 allows remote FTP servers to execute arbitrary code via a large PWD response. | |||||
| CVE-2014-8386 | 1 Advantech | 1 Adamview | 2015-01-21 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in Advantech AdamView 4.3 and earlier allow remote attackers to execute arbitrary code via a crafted (1) display properties or (2) conditional bitmap parameter in a GNI file. | |||||
| CVE-2014-2355 | 1 Ge | 1 Intelligent Platforms Proficy Hmi\/scada Cimplicity | 2015-01-21 | 6.9 MEDIUM | N/A |
| The (1) CimView and (2) CimEdit components in GE Proficy HMI/SCADA-CIMPLICITY 8.2 and earlier allow remote attackers to gain privileges via a crafted CIMPLICITY screen (aka .CIM) file. | |||||
| CVE-2014-10022 | 1 Apache | 1 Traffic Server | 2015-01-14 | 5.0 MEDIUM | N/A |
| Apache Traffic Server before 5.1.2 allows remote attackers to cause a denial of service via unspecified vectors, related to internal buffer sizing. | |||||
| CVE-2014-9190 | 1 Schneider-electric | 1 Wonderware Intouch Access Anywhere Server | 2015-01-12 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not exist. | |||||
| CVE-2010-4054 | 1 Artifex | 3 Afpl Ghostscript, Ghostscript Fonts, Gpl Ghostscript | 2015-01-09 | 4.3 MEDIUM | N/A |
| The gs_type2_interpret function in Ghostscript allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) via crafted font data in a compressed data stream, aka bug 691043. | |||||
| CVE-2009-4270 | 1 Ghostscript | 1 Ghostscript | 2015-01-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the errprintf function in base/gsmisc.c in ghostscript 8.64 through 8.70 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file, as originally reported for debug logging code in gdevcups.c in the CUPS output driver. | |||||
| CVE-2014-9448 | 1 Mini-stream | 1 Rm-mp3 Converter | 2015-01-06 | 7.5 HIGH | N/A |
| Buffer overflow in Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long string in a WAX file. | |||||
| CVE-2011-5288 | 1 Threedify | 1 Threedify Designer | 2015-01-03 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the ThreeDify.ThreeDifyDesigner.1 ActiveX control in ActiveSolid.dll in ThreeDify Designer 5.0.2 allow remote attackers to execute arbitrary code via a long argument to the (1) cmdExport, (2) cmdImport, (3) cmdOpen, or (4) cmdSave method. | |||||
| CVE-2011-5295 | 1 Gogago | 1 Gogago Youtube Video Converter | 2015-01-03 | 9.3 HIGH | N/A |
| Buffer overflow in the Download method in a certain ActiveX control in MDIEEx.dll in Gogago YouTube Video Converter 1.1.6 allows remote attackers to execute arbitrary code via a long argument. | |||||
| CVE-2011-5293 | 1 Threediffy | 1 Threedify Designer | 2015-01-03 | 9.3 HIGH | N/A |
| The cmdSave method in the ThreeDify.ThreeDifyDesigner.1 ActiveX control in ActiveSolid.dll in ThreeDify Designer 5.0.2 allows remote attackers to write to arbitrary files via a pathname in the argument. | |||||
| CVE-2014-5314 | 1 Cybozu | 3 Dezie, Mailwise, Office | 2014-12-30 | 9.0 HIGH | N/A |
| Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 and 5 before 5.1.4, and Dezie 8 before 8.1.1 allows remote authenticated users to execute arbitrary code via e-mail messages. | |||||
| CVE-2014-9188 | 1 Schneider Electric | 1 Proclima | 2014-12-29 | 9.0 HIGH | N/A |
| Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-8514. NOTE: this may be clarified later based on details provided by researchers. | |||||
| CVE-2014-8513 | 1 Schneider Electric | 1 Proclima | 2014-12-29 | 7.5 HIGH | N/A |
| Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8514 and CVE-2014-9188. NOTE: this may be clarified later based on details provided by researchers. | |||||
| CVE-2014-8512 | 1 Schneider Electric | 1 Proclima | 2014-12-29 | 7.5 HIGH | N/A |
| Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8511. NOTE: this may be clarified later based on details provided by researchers. | |||||
| CVE-2010-1445 | 1 Videolan | 1 Vlc Media Player | 2014-12-29 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted byte stream in an RTMP session. | |||||
| CVE-2010-1441 | 1 Videolan | 1 Vlc Media Player | 2014-12-29 | 7.5 HIGH | N/A |
| Multiple heap-based buffer overflows in VideoLAN VLC media player before 1.0.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted byte stream to the (1) A/52, (2) DTS, or (3) MPEG Audio decoder. | |||||
| CVE-2010-1442 | 1 Videolan | 1 Vlc Media Player | 2014-12-29 | 7.5 HIGH | N/A |
| VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly execute arbitrary code via a crafted byte stream to the (1) AVI, (2) ASF, or (3) Matroska (aka MKV) demuxer. | |||||
| CVE-2014-9263 | 1 3s Pocketnet Tech | 1 3s Pocketnet Tech Video Management Software | 2014-12-23 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in the PocketNetNVRMediaClientAxCtrl.NVRMediaViewer.1 control in 3S Pocketnet Tech VMS allow remote attackers to execute arbitrary code via a crafted string to the (1) StartRecord, (2) StartRecordEx, (3) StartScheduledRecord, (4) SetDisplayText, (5) GetONVIFDeviceInformation, (6) GetONVIFProfiles, or (7) GetONVIFStreamUri method or a crafted filename to the (8) SaveCurrentImage or (9) SaveCurrentImageEx method. | |||||
| CVE-2014-7249 | 1 Alliedtelesis | 48 Ar440s, Ar440s Firmware, Ar441s and 45 more | 2014-12-19 | 10.0 HIGH | N/A |
| Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, AR750S, AR750S-DP, AT-8624POE, AT-8624T/2M, AT-8648T/2SP, AT-8748XL, AT-8848, AT-9816GB, AT-9924T, AT-9924Ts, CentreCOM AR415S, CentreCOM AR450S, CentreCOM AR550S, CentreCOM AR570S, CentreCOM 8700SL, CentreCOM 8948XL, CentreCOM 9924SP, CentreCOM 9924T/4SP, Rapier 48i, and SwitchBlade4000 with firmware before 2.9.1-21 allows remote attackers to execute arbitrary code via a crafted HTTP POST request. | |||||